Debians sikkerhedsbulletin

DSA-1817-1 ctorrent -- stak-baseret bufferoverløb

Rapporteret den:

17. jun 2009

Berørte pakker:

ctorrent

Sårbar:

Referencer i sikkerhedsdatabaser:

I Debians fejlsporingssystem: Fejl 530255.
I Mitres CVE-ordbog: CVE-2009-1759.

Yderligere oplysninger:

Michael Brooks opdagede at ctorrent, en bittorrentklient til konsollen, ikke kontrollerede længden på filstier i torrent-filer. En angriber kunne udnytte det gennem en fabrikeret torrent, indeholdende en lang filsti, til at udføre vilkårlig kode med rettighederne hørende til den bruger, der åbnede filen.

Den gamle stabile distribution (etch) indeholder ikke.

I den stabile distribution (lenny), er dette problem rettet i version 1.3.4-dnh3.2-1+lenny1.

I distributionen testing (squeeze), vil dette problem snart blive rettet.

I den ustabile distribution (sid), er dette problem rettet i version 1.3.4-dnh3.2-1.1.

Vi anbefaler at du opgraderer dine ctorrent-pakker.

Rettet i:

Debian GNU/Linux 5.0 (lenny)

Kildekode:: http://security.debian.org/pool/updates/main/c/ctorrent/ctorrent_1.3.4-dnh3.2-1+lenny1.diff.gz; http://security.debian.org/pool/updates/main/c/ctorrent/ctorrent_1.3.4-dnh3.2-1+lenny1.dsc; http://security.debian.org/pool/updates/main/c/ctorrent/ctorrent_1.3.4-dnh3.2.orig.tar.gz
Alpha:: http://security.debian.org/pool/updates/main/c/ctorrent/ctorrent_1.3.4-dnh3.2-1+lenny1_alpha.deb
AMD64:: http://security.debian.org/pool/updates/main/c/ctorrent/ctorrent_1.3.4-dnh3.2-1+lenny1_amd64.deb
ARM:: http://security.debian.org/pool/updates/main/c/ctorrent/ctorrent_1.3.4-dnh3.2-1+lenny1_arm.deb
ARM EABI:: http://security.debian.org/pool/updates/main/c/ctorrent/ctorrent_1.3.4-dnh3.2-1+lenny1_armel.deb
HP Precision:: http://security.debian.org/pool/updates/main/c/ctorrent/ctorrent_1.3.4-dnh3.2-1+lenny1_hppa.deb
Intel IA-32:: http://security.debian.org/pool/updates/main/c/ctorrent/ctorrent_1.3.4-dnh3.2-1+lenny1_i386.deb
Intel IA-64:: http://security.debian.org/pool/updates/main/c/ctorrent/ctorrent_1.3.4-dnh3.2-1+lenny1_ia64.deb
Big-endian MIPS:: http://security.debian.org/pool/updates/main/c/ctorrent/ctorrent_1.3.4-dnh3.2-1+lenny1_mips.deb
Little-endian MIPS:: http://security.debian.org/pool/updates/main/c/ctorrent/ctorrent_1.3.4-dnh3.2-1+lenny1_mipsel.deb
PowerPC:: http://security.debian.org/pool/updates/main/c/ctorrent/ctorrent_1.3.4-dnh3.2-1+lenny1_powerpc.deb
IBM S/390:: http://security.debian.org/pool/updates/main/c/ctorrent/ctorrent_1.3.4-dnh3.2-1+lenny1_s390.deb
Sun Sparc:: http://security.debian.org/pool/updates/main/c/ctorrent/ctorrent_1.3.4-dnh3.2-1+lenny1_sparc.deb

MD5-kontrolsummer for de listede filer findes i den originale sikkerhedsbulletin.