Debian update for ketm - Secunia Advisories - Vulnerability Intelligence

Debian update for ketm
Secunia Advisory:	SA18225	Advisory Toolbox: Issue ticket Save in to-do list Mark as handled Exploit information Download as PDF Review actions Add comment
Release Date:	2005-12-27
Popularity:	5,593 views

Critical:	Not critical
Impact:	Privilege escalation
Where:	Local system
Solution Status:	Vendor Patch

OS:	Debian GNU/Linux 3.0 Debian GNU/Linux 3.1 Debian GNU/Linux unstable alias sid

Subscribe:	Instant alerts on relevant vulnerabilities

CVE reference:	CVE-2005-3535

Description: Steve Kemp has reported a vulnerability in ketm, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to a boundary error in support.c when formatting an error message for display. This can be exploited to cause a stack-based buffer overflow via an overly long command line argument and may be exploited to execute arbitrary code with group "games" privileges. Solution: Apply updated packages. -- Debian GNU/Linux 3.0 alias woody -- Source archives: http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-7woody0.dsc Size/MD5 checksum: 601 689826ac63e2c43800b4a95477e4e025 http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-7woody0.diff.gz Size/MD5 checksum: 102455 3d95dffde08a37f92b547b0d5c5cdd1f http://ftp.debian.org/debian/pool/main/k/ketm/ketm_0.0.6.orig.tar.gz Size/MD5 checksum: 2300316 815dd1ec3d3e34ed563c2e8b846c1873 Alpha architecture: http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-7woody0_alpha.deb Size/MD5 checksum: 2291294 d3ab0d5c4d226e85b22024ef26225118 ARM architecture: http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-7woody0_arm.deb Size/MD5 checksum: 2280012 770c1260ba4f98f207b933b85a76c77b Intel IA-32 architecture: http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-7woody0_i386.deb Size/MD5 checksum: 2270074 e7d544f6a7c93053e10e6dc57a9cdeca Intel IA-64 architecture: http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-7woody0_ia64.deb Size/MD5 checksum: 2314582 157ce41e4b56f4d04a51ea26e45ea701 HP Precision architecture: http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-7woody0_hppa.deb Size/MD5 checksum: 2304688 ae0eee4fac599d235df518c8aed02220 Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-7woody0_m68k.deb Size/MD5 checksum: 2265824 e7cf4caad4048013762bf2eef7fbe53c Big endian MIPS architecture: http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-7woody0_mips.deb Size/MD5 checksum: 2285898 22b5967929450cfae83a009a864a0428 Little endian MIPS architecture: http://security.debian.org/pool/updat.../k/ketm/ketm_0.0.6-7woody0_mipsel.deb Size/MD5 checksum: 2285466 67ad79342e043766c18d331d19927928 PowerPC architecture: http://security.debian.org/pool/updat...k/ketm/ketm_0.0.6-7woody0_powerpc.deb Size/MD5 checksum: 2283386 dabfa2d80c5178e7794a45c438dbd405 IBM S/390 architecture: http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-7woody0_s390.deb Size/MD5 checksum: 2272008 92da299f8c913fdf9bd8decf4176cf2c Sun Sparc architecture: http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-7woody0_sparc.deb Size/MD5 checksum: 2276286 3baa3ec01cdb1f9288af03703cfa27d5 -- Debian GNU/Linux 3.1 alias sarge -- Source archives: http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-17sarge1.dsc Size/MD5 checksum: 618 c16dea02615d3d54ad809da66f353567 http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-17sarge1.diff.gz Size/MD5 checksum: 49309 1db837fff1b5ed5e2a37bc6b3874ca70 http://ftp.debian.org/debian/pool/main/k/ketm/ketm_0.0.6.orig.tar.gz Size/MD5 checksum: 2300316 815dd1ec3d3e34ed563c2e8b846c1873 Architecture independent components: http://security.debian.org/pool/updat...ketm/ketm-data_0.0.6-17sarge1_all.deb Size/MD5 checksum: 2228258 f8e0206d18cb928629636ace10ad898c Alpha architecture: http://security.debian.org/pool/updat.../k/ketm/ketm_0.0.6-17sarge1_alpha.deb Size/MD5 checksum: 100182 504db7244cfb3fa3f850d0ee174bf476 AMD64 architecture: http://security.debian.org/pool/updat.../k/ketm/ketm_0.0.6-17sarge1_amd64.deb Size/MD5 checksum: 69582 2c2efd63e76afe5c680193d489815dec ARM architecture: http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-17sarge1_arm.deb Size/MD5 checksum: 69122 30ff71419a3e106bd067a983ed3db30f Intel IA-32 architecture: http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-17sarge1_i386.deb Size/MD5 checksum: 61034 a8d7eae4795a1caa3c47dca929e93254 Intel IA-64 architecture: http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-17sarge1_ia64.deb Size/MD5 checksum: 126326 728cd5e277b43ac8aef87cf092478168 HP Precision architecture: http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-17sarge1_hppa.deb Size/MD5 checksum: 89424 22aba3b17b99631d559d59d19ca0f669 Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-17sarge1_m68k.deb Size/MD5 checksum: 50590 ac31fa12be1ac3fad1596d54a41e593b Big endian MIPS architecture: http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-17sarge1_mips.deb Size/MD5 checksum: 79420 2663c4a81111c9d3c9f43737a6899666 Little endian MIPS architecture: http://security.debian.org/pool/updat...k/ketm/ketm_0.0.6-17sarge1_mipsel.deb Size/MD5 checksum: 79134 c461cd34b6ced500a3622ebaf51bd07b PowerPC architecture: http://security.debian.org/pool/updat.../ketm/ketm_0.0.6-17sarge1_powerpc.deb Size/MD5 checksum: 83890 01c28fdaa89ec3aef148c0ac0dc1656a IBM S/390 architecture: http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-17sarge1_s390.deb Size/MD5 checksum: 63110 dd95bef4893b7e5a0722d462a3374c6f Sun Sparc architecture: http://security.debian.org/pool/updat.../k/ketm/ketm_0.0.6-17sarge1_sparc.deb Size/MD5 checksum: 73232 8e4594ac0f872bad24ef232accb00d9a -- Debian GNU/Linux unstable alias sid -- Fixed in version 0.0.6-17sarge1. Provided and/or discovered by: Steve Kemp Original Advisory: http://www.debian.org/security/2005/dsa-926

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released. Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise. Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

Latest Advisories

Today

New advisories:	12
New vulnerabilities:	46
Updated advisories:	20

Highly // 147 views

Apple iPhone / iPod touch Multiple Vulnerabilities

Moderately // 106 views

vBulletin Visitor Messages Script Insertion Vulnerability

Less // 160 views

SemanticScuttle Cross-Site Scripting Vulnerabilities

Moderately // 164 views

Easyedit CMS Multiple SQL Injection Vulnerabilities

Highly // 170 views

Fedora update for thunderbird

Less // 214 views

IBM Workplace Web Content Management Cross-Site Scripting Vulnerabilities

Highly // 340 views

BitDefender Antivirus PDF Processing Memory Corruption Vulnerability

Moderately // 253 views

xt:Commerce SQL Injection Vulnerability

Less // 217 views

Softbiz Classifieds Script "msg" Cross-Site Scripting Vulnerability

Not // 337 views

Checkpoint VPN-1 Information Disclosure Vulnerability

Solutions | More...

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com. Ideas, suggestions, and other feedback are most welcome.