Secunia Logo
Netsikker nu! 2008
 Vulnerability IntelligenceVulnerability ScanningBlog - new entry!Corporate InformationOnline ShopCustomer Login  
 Secunia AdvisoriesSecunia ResearchBinary Analysis  
Home > Vulnerability Intelligence > Secunia Advisories > Debian update for graphviz
Secunia Advisories
Advisories
Search
Advisories by Product
Advisories by Vendor
Historic Advisories
Mailing Lists & RSS
Report Vulnerability
Contact Form
Business Solutions Restricted
Partner Solutions Restricted
About
 
Debian update for graphviz
Secunia Advisory: SA17125
Advisory Toolbox:
Issue ticket
Save in to-do list
Mark as handled
Exploit information
Download as PDF
Review actions
Add comment
Release Date: 2005-10-10
Popularity: 5,860 views

Critical:
Less critical
Impact: Privilege escalation
Where: Local system
Solution Status: Vendor Patch

OS:Debian GNU/Linux 3.1
Debian GNU/Linux unstable alias sid
Subscribe: Instant alerts on relevant vulnerabilities

CVE reference:CVE-2005-2965
Description:
Debian has issued an update for graphviz. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.

For more information:
SA17121

Solution:
Apply updated packages.

-- Debian GNU/Linux 3.1 alias sarge --

Source archives:

http://security.debian.org/pool/updat...g/graphviz/graphviz_2.2.1-1sarge1.dsc
Size/MD5 checksum: 788 0076de753bc31e2a61858db7275893c4
http://security.debian.org/pool/updat...aphviz/graphviz_2.2.1-1sarge1.diff.gz
Size/MD5 checksum: 360551 19b83dc92ffc1628b17ad195c2c4c7ee
http://security.debian.org/pool/updat...g/graphviz/graphviz_2.2.1.orig.tar.gz
Size/MD5 checksum: 4371071 bb46d8ada39436cb672922f0c8b1339c

Alpha architecture:

http://security.debian.org/pool/updat...hviz/graphviz_2.2.1-1sarge1_alpha.deb
Size/MD5 checksum: 1151680 aaa9bb1ccaf996e138f036c857e1d938
http://security.debian.org/pool/updat.../graphviz-dev_2.2.1-1sarge1_alpha.deb
Size/MD5 checksum: 147802 c78030d9da50d17e4d1b5e6afb439e4a
http://security.debian.org/pool/updat.../graphviz-doc_2.2.1-1sarge1_alpha.deb
Size/MD5 checksum: 1079766 4368d7d2029d9f005000e79a13d65de5

AMD64 architecture:

http://security.debian.org/pool/updat...hviz/graphviz_2.2.1-1sarge1_amd64.deb
Size/MD5 checksum: 1028842 4bd5499061f2ac3f2d80ebce5884ddba
http://security.debian.org/pool/updat.../graphviz-dev_2.2.1-1sarge1_amd64.deb
Size/MD5 checksum: 147794 9a2c752a021f6ac4f8586ea55a754753
http://security.debian.org/pool/updat.../graphviz-doc_2.2.1-1sarge1_amd64.deb
Size/MD5 checksum: 1079764 f1ed94723735cb27c5cece15c442a082

ARM architecture:

http://security.debian.org/pool/updat...aphviz/graphviz_2.2.1-1sarge1_arm.deb
Size/MD5 checksum: 957024 91e46f01080fa683322a5439fcb6f9cf
http://security.debian.org/pool/updat...iz/graphviz-dev_2.2.1-1sarge1_arm.deb
Size/MD5 checksum: 147910 e8bc0bfa9da280de7f35e55072749d97
http://security.debian.org/pool/updat...iz/graphviz-doc_2.2.1-1sarge1_arm.deb
Size/MD5 checksum: 1079870 6ae6c0cbc7165c0212b8678c6cfb73be

Intel IA-32 architecture:

http://security.debian.org/pool/updat...phviz/graphviz_2.2.1-1sarge1_i386.deb
Size/MD5 checksum: 971018 6504a5be6579cafc0b5d0192d02cbeb6
http://security.debian.org/pool/updat...z/graphviz-dev_2.2.1-1sarge1_i386.deb
Size/MD5 checksum: 147782 1d3bcfb7af6b5efaa464aca184a09895
http://security.debian.org/pool/updat...z/graphviz-doc_2.2.1-1sarge1_i386.deb
Size/MD5 checksum: 1079544 410836e1f6dae3d081d24276cf1dbfed

Intel IA-64 architecture:

http://security.debian.org/pool/updat...phviz/graphviz_2.2.1-1sarge1_ia64.deb
Size/MD5 checksum: 1408608 d92403774ce8ab2c6c33583566f4a74f
http://security.debian.org/pool/updat...z/graphviz-dev_2.2.1-1sarge1_ia64.deb
Size/MD5 checksum: 147790 6687e3e385ecabb97e96a2beb35ec20c
http://security.debian.org/pool/updat...z/graphviz-doc_2.2.1-1sarge1_ia64.deb
Size/MD5 checksum: 1079772 afe9c3733e20cd75156efc77f41ab0a4

HP Precision architecture:

http://security.debian.org/pool/updat...phviz/graphviz_2.2.1-1sarge1_hppa.deb
Size/MD5 checksum: 1151402 268299bc1633d70c5e78abc5c91efb11
http://security.debian.org/pool/updat...z/graphviz-dev_2.2.1-1sarge1_hppa.deb
Size/MD5 checksum: 147880 aef3da2f4a4c0d8827853155be87a234
http://security.debian.org/pool/updat...z/graphviz-doc_2.2.1-1sarge1_hppa.deb
Size/MD5 checksum: 1079858 634921b20e354a71293ef10ad38a46a5

Motorola 680x0 architecture:

http://security.debian.org/pool/updat...phviz/graphviz_2.2.1-1sarge1_m68k.deb
Size/MD5 checksum: 896778 ee24b56e3f786e3e363719905f260e70
http://security.debian.org/pool/updat...z/graphviz-dev_2.2.1-1sarge1_m68k.deb
Size/MD5 checksum: 147946 ba725a190eebcd9171591e50434a8183
http://security.debian.org/pool/updat...z/graphviz-doc_2.2.1-1sarge1_m68k.deb
Size/MD5 checksum: 1079948 c66f74f330f8e308e0940f0156d93334

Big endian MIPS architecture:

http://security.debian.org/pool/updat...phviz/graphviz_2.2.1-1sarge1_mips.deb
Size/MD5 checksum: 1069962 e71a71408355d69a74c35f54ffa5479d
http://security.debian.org/pool/updat...z/graphviz-dev_2.2.1-1sarge1_mips.deb
Size/MD5 checksum: 147846 aef321f8dff7f97b778cba07f12208da
http://security.debian.org/pool/updat...z/graphviz-doc_2.2.1-1sarge1_mips.deb
Size/MD5 checksum: 1079788 36296b7524a681f32447b1194034192a

Little endian MIPS architecture:

http://security.debian.org/pool/updat...viz/graphviz_2.2.1-1sarge1_mipsel.deb
Size/MD5 checksum: 1069694 3bbe601f0bff627f68963dcecf73b2a6
http://security.debian.org/pool/updat...graphviz-dev_2.2.1-1sarge1_mipsel.deb
Size/MD5 checksum: 147850 da46543e6ff7b3979b4bb90402f664d1
http://security.debian.org/pool/updat...graphviz-doc_2.2.1-1sarge1_mipsel.deb
Size/MD5 checksum: 1079794 9a8d4c20206253c80bb4a99972ceeacc

PowerPC architecture:

http://security.debian.org/pool/updat...iz/graphviz_2.2.1-1sarge1_powerpc.deb
Size/MD5 checksum: 1008466 58040eea1cf451cf73a51eafa22249f7
http://security.debian.org/pool/updat...raphviz-dev_2.2.1-1sarge1_powerpc.deb
Size/MD5 checksum: 109640 9f440a8fbc40ab6aac250aff98aeb6c2
http://security.debian.org/pool/updat...raphviz-doc_2.2.1-1sarge1_powerpc.deb
Size/MD5 checksum: 1021390 717397a115d4dfb45fe4304ef6a4798f

IBM S/390 architecture:

http://security.debian.org/pool/updat...phviz/graphviz_2.2.1-1sarge1_s390.deb
Size/MD5 checksum: 1066984 0e991d25637617485139789d5e7e04a2
http://security.debian.org/pool/updat...z/graphviz-dev_2.2.1-1sarge1_s390.deb
Size/MD5 checksum: 147836 4691cd25c84efb123ed871ff07add5d3
http://security.debian.org/pool/updat...z/graphviz-doc_2.2.1-1sarge1_s390.deb
Size/MD5 checksum: 1079762 8af20e15aa7dcc1182f406b35d413c48

Sun Sparc architecture:

http://security.debian.org/pool/updat...hviz/graphviz_2.2.1-1sarge1_sparc.deb
Size/MD5 checksum: 996492 e9810691f1da7f90193a84bf392022b4
http://security.debian.org/pool/updat.../graphviz-dev_2.2.1-1sarge1_sparc.deb
Size/MD5 checksum: 147850 8a77d6684d0650767de4f7a9a0b81207
http://security.debian.org/pool/updat.../graphviz-doc_2.2.1-1sarge1_sparc.deb
Size/MD5 checksum: 1079806 1586aba92215bfe6e35082d2fba3fce9

-- Debian GNU/Linux unstable alias sid --

Fixed in version 2.2.1-1sarge1.

Original Advisory:
http://www.debian.org/security/2005/dsa-857

Other References:
SA17121:
http://secunia.com/advisories/17121/

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.

Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
  
Latest Advisories

10th Oct, 2008
New advisories: 15
New vulnerabilities: 83
Updated advisories: 41

Moderately // 716 views
ScriptsEz Easy Image Downloader "id" File Disclosure Vulnerability
Moderately // 702 views
Built2go Real Estate Listings "event_id" SQL Injection
Highly // 1,017 views
Sun Java System Web Proxy Server FTP Subsystem Buffer Overflow
Moderately // 737 views
Red Hat update for cups
Highly // 752 views
DFF PHP Framework API "DFF_config[dir_incl ude]" File Inclusion Vulnerabilities
Not // 821 views
FUJITSU Interstage Products Apache Tomcat Security Bypass
Moderately // 1,086 views
Apple Mac OS X Security Update Fixes Multiple Vulnerabilities
Moderately // 710 views
Fedora update for condor
Moderately // 1,114 views
CUPS Multiple Vulnerabilities
Not // 775 views
Gentoo Portage Insecure Python Module Search Path Security Issue

Solutions | More...  

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.

Most Popular - 3 Hours

1. phpBB "gen_rand_string()" Predictable RNG Weakness // 93 views
2. Zeroboard Multiple Vulnerabilities // 53 views
3. Zeroboard Two Vulnerabilities // 39 views
4. phpBB Avatar Functions Information Disclosure and Deletion // 34 views
5. Sun Java System Web Proxy Server FTP Subsystem Buffer Overflow // 34 views
6. CA ARCserve Backup Multiple Vulnerabilities // 30 views
7. phpBB "url" bbcode Script Insertion Vulnerability // 30 views
8. phpBB Avatar Script Insertion Vulnerability // 29 views
9. ArticleBeach Script "page" File Inclusion Vulnerability // 26 views
10. CUPS Multiple Vulnerabilities // 25 views



Contact | Terms & Conditions and Copyright | Report Vulnerability | Press | Jobs | About Secunia
Copyright Secunia 2002-2008