Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > February 2005 > Three Debian Security Advisories: 1. DSA 679-1 - toolchain-source 2. DSA 680-1 - htdig 3. DSA 681-1 - synaesthesia

February 2005

Three Debian Security Advisories: 1. DSA 679-1 - toolchain-source 2. DSA 680-1 - htdig 3. DSA 681-1 - synaesthesia

ID: 00140
Ref: 123/2005
Date: 15 February 2005:14:37:25
Version: 1
Title: Three Debian Security Advisories: 1. DSA 679-1 - toolchain-source 2. DSA 680-1 - htdig 3. DSA 681-1 - synaesthesia
Abstract:
Vendors affected: Debian
Operating systems affected: Debian
Applications affected: Debian
Title
=====

Three Debian Security Advisories:

1. DSA 679-1 - toolchain-source

2. DSA 680-1 - htdig

3. DSA 681-1 - synaesthesia

Detail
======

1. Sean Finney discovered several insecure temporary file uses in toolchain-source,
the GNU binutils and GCC source code and scripts. These bugs can lead a local
attacker with minimal knowledge to trick the admin into overwriting arbitrary
files via a symlink attack. The problems exist inside the Debian-specific
tpkg-* scripts.

2. Michael Krax discovered a cross site scripting vulnerability in ht://dig,
a web search system for an intranet or small internet.

3. Erik Sjölund and Devin Carraway discovered that synaesthesia, a program for
representing sounds visually, accesses user-controlled configuration and mixer
files with elevated privileges. Thus, it is possible to read arbitrary files.



1.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------------
Debian Security Advisory DSA 679-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
February 14th, 2005 http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package : toolchain-source
Vulnerability : insecure temporary files
Problem-Type : local
Debian-specific: yes
CVE ID : CAN-2005-0159

Sean Finney discovered several insecure temporary file uses in toolchain-source,
the GNU binutils and GCC source code and scripts. These bugs can lead a local
attacker with minimal knowledge to trick the admin into overwriting arbitrary
files via a symlink attack. The problems exist inside the Debian-specific
tpkg-* scripts.

For the stable distribution (woody) these problems have been fixed in version
3.0.4-1woody1.

For the unstable distribution (sid) these problems have been fixed in version
3.4-5.

We recommend that you upgrade your toolchain-source package.


Upgrade Instructions
- - --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as
given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the footer to the
proper configuration.


Debian GNU/Linux 3.0 alias woody
- - --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/t/toolchain-source/toolchain-source_3.0.4-1woody1.dsc
Size/MD5 checksum: 532 a40a4bd817419cc8230a708920234140
http://security.debian.org/pool/updates/main/t/toolchain-source/toolchain-source_3.0.4-1woody1.tar.gz
Size/MD5 checksum: 25951549 f922410b108313705c4c32721403c93f

Architecture independent components:

http://security.debian.org/pool/updates/main/t/toolchain-source/toolchain-source_3.0.4-1woody1_all.deb
Size/MD5 checksum: 25962880 043b5163799735aa36cd163e86f26cfd


These files will probably be moved into the stable distribution on
its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp:
ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list:
debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFCEI5/W5ql+IAeqTIRAiZAAJ9xzb7f3GRNLyTX2pH3+4+oRMeGIwCdFszl
/SOUYD4+tyC7pzH1nXfUEG0=
=L7v0
- -----END PGP SIGNATURE-----



2.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------------
Debian Security Advisory DSA 680-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
February 14th, 2005 http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package : htdig
Vulnerability : unsanitised input
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2005-0085

Michael Krax discovered a cross site scripting vulnerability in ht://dig,
a web search system for an intranet or small internet.

For the stable distribution (woody) this problem has been fixed in version
3.1.6-3woody1.

For the unstable distribution (sid) this problem has been fixed in version
3.1.6-11.

We recommend that you upgrade your htdig package.


Upgrade Instructions
- - --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list
as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the footer to the
proper configuration.


Debian GNU/Linux 3.0 alias woody
- - --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/h/htdig/htdig_3.1.6-3woody1.dsc
Size/MD5 checksum: 591 e5fd50b03893bda0bb43aa6a54beacc4
http://security.debian.org/pool/updates/main/h/htdig/htdig_3.1.6-3woody1.diff.gz
Size/MD5 checksum: 19822 294cfc471ac36e7cc3ade8e8ab2a968c
http://security.debian.org/pool/updates/main/h/htdig/htdig_3.1.6.orig.tar.gz
Size/MD5 checksum: 2068675 7a2f20d8d6149efd8d119bb2ebf55f23

Architecture independent components:

http://security.debian.org/pool/updates/main/h/htdig/htdig-doc_3.1.6-3woody1_all.deb
Size/MD5 checksum: 316892 3c2f6462e01ace0097a9351c1a98ca39

Alpha architecture:

http://security.debian.org/pool/updates/main/h/htdig/htdig_3.1.6-3woody1_alpha.deb
Size/MD5 checksum: 1103690 e5a883a1619d22da9598f66c53ab28ee

ARM architecture:

http://security.debian.org/pool/updates/main/h/htdig/htdig_3.1.6-3woody1_arm.deb
Size/MD5 checksum: 1009600 98ccc3af2d25970b7cff9a5451b045e5

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/h/htdig/htdig_3.1.6-3woody1_i386.deb
Size/MD5 checksum: 950526 3557095a60b11ef24bff9634778107fc

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/h/htdig/htdig_3.1.6-3woody1_ia64.deb
Size/MD5 checksum: 1216768 840c06cf1b6c405ab24bc20a7d41bdd4

HP Precision architecture:

http://security.debian.org/pool/updates/main/h/htdig/htdig_3.1.6-3woody1_hppa.deb
Size/MD5 checksum: 1155976 345dc883031bc10c10b7ac4743d2a679

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/h/htdig/htdig_3.1.6-3woody1_m68k.deb
Size/MD5 checksum: 921906 82f8f0dd287a78856179f29ea1161489

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/h/htdig/htdig_3.1.6-3woody1_mips.deb
Size/MD5 checksum: 992524 e5b1c3054332a4f92cecae9c888bff8b

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/h/htdig/htdig_3.1.6-3woody1_mipsel.deb
Size/MD5 checksum: 989954 d4e2b19ad21431118fbb4a1ccdc46a24

PowerPC architecture:

http://security.debian.org/pool/updates/main/h/htdig/htdig_3.1.6-3woody1_powerpc.deb
Size/MD5 checksum: 937060 7841f5423965ce1f2afbff9c0054182a

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/h/htdig/htdig_3.1.6-3woody1_s390.deb
Size/MD5 checksum: 910122 939faa17e33b38585ab518c21751a171

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/h/htdig/htdig_3.1.6-3woody1_sparc.deb
Size/MD5 checksum: 914470 85ceb822a4e3b1906c9e97ea01192c9c


These files will probably be moved into the stable distribution on
its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp:
ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list:
debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFCELPiW5ql+IAeqTIRAmxqAJ9Ds1+DQqfsJQsKjokt7Z29tuDROACfWi1V
KIQOaXHbWBAWiQLsBPJxd2g=
=BSJ4
- -----END PGP SIGNATURE-----



3.



- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------------
Debian Security Advisory DSA 681-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
February 14th, 2005 http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package : synaesthesia
Vulnerability : privilege escalation
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2005-0070

Erik Sjölund and Devin Carraway discovered that synaesthesia, a program for
representing sounds visually, accesses user-controlled configuration and mixer
files with elevated privileges. Thus, it is possible to read arbitrary files.

For the stable distribution (woody) this problem has been fixed in version
2.1-2.1woody3.

For the testing (sarge) and unstable (sid) distribution this problem does
not exist since synaesthesia is not installed setuid root anymore.

We recommend that you upgrade your synaesthesia package.


Upgrade Instructions
- - --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- - --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1-2.1woody3.dsc
Size/MD5 checksum: 635 10d25969579c0c47a7b129ad01da7484
http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1-2.1woody3.diff.gz
Size/MD5 checksum: 4016 be2f05ddbb3313c695e4eff731c680ef
http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1.orig.tar.gz
Size/MD5 checksum: 129209 5bc166deb369a3c71efd61e1ad5e5475

Alpha architecture:

http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1-2.1woody3_alpha.deb
Size/MD5 checksum: 78042 d9e3e8349ea6f271de6a8285a8dfe495

ARM architecture:

http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1-2.1woody3_arm.deb
Size/MD5 checksum: 78348 5337592249f592cb0862203a6fca1159

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1-2.1woody3_i386.deb
Size/MD5 checksum: 70848 bb1224e1dffc6bf0a44a3bba534a4bc0

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1-2.1woody3_ia64.deb
Size/MD5 checksum: 85912 68d1397f3599f6274580b15b9e7dc844

HP Precision architecture:

http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1-2.1woody3_hppa.deb
Size/MD5 checksum: 77738 441992d64a1297a1c2aad0595de3ae71

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1-2.1woody3_m68k.deb
Size/MD5 checksum: 67484 ec838c58184804de2ab10c0586f818dc

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1-2.1woody3_mips.deb
Size/MD5 checksum: 75892 a67edbec6ff9516e0a890cff2756a678

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1-2.1woody3_mipsel.deb
Size/MD5 checksum: 75580 0c1402c43656f76f61dc096a231991bf

PowerPC architecture:

http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1-2.1woody3_powerpc.deb
Size/MD5 checksum: 72232 1bca4dfe5d5b27b6329b885b3c5f1350

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1-2.1woody3_s390.deb
Size/MD5 checksum: 70430 f001c092c3f05099942db6b699fa0029

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/s/synaesthesia/synaesthesia_2.1-2.1woody3_sparc.deb
Size/MD5 checksum: 71944 bb5f8638ecf6746521ab960433587735


These files will probably be moved into the stable distribution on
its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp:
ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list:
debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFCEONZW5ql+IAeqTIRAne8AKC6YpSsaKgFYGF6LfQVQtJZ1bcGEgCgpiko
4O8LYgmmFVKmYCJl6rdkXv0=
=Zj9s
- -----END PGP SIGNATURE-----
  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |