From:
[email protected]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- -------------------------------------------------------------------------- Debian Security Advisory DSA-1879-1
[email protected] http://www.debian.org/security/ Nico Golde September 4th, 2009
http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : silc-client/silc-toolkit
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2008-7159 CVE-2008-7160 CVE-2009-3051
Several vulnerabilities have been discovered in the software suite for the
SILC protocol, a network protocol designed to provide end-to-end security
for conferencing services. The Common Vulnerabilities and Exposures
project identifies the following problems:
An incorrect format string in sscanf() used in the ASN1 encoder to scan an
OID value could overwrite a neighbouring variable on the stack as the destination data type is smaller than the source type on 64-bit. On 64-bit architectures this could result in unexpected application behaviour or even code execution in some cases (CVE-2008-7159).
Various format string vulnerabilities when handling parsed SILC messages
allow an attacker to execute arbitrary code with the rights of the victim running the SILC client via crafted nick names or channel names containing format strings (CVE-2009-3051).
An incorrect format string in a sscanf() call used in the HTTP server
component of silcd could result in overwriting a neighbouring variable on
the stack as the destination data type is smaller than the source type on 64-bit. An attacker could exploit this by using crafted Content-Length
header values resulting in unexpected application behaviour or even code execution in some cases (CVE-2008-7160).
silc-server doesn't need an update as it uses the shared library provided
by silc-toolkit. silc-client/silc-toolkit in the oldstable distribution
(etch) is not affected by this problem.
For the stable distribution (lenny), this problem has been fixed in
version 1.1.7-2+lenny1 of silc-toolkit and in version 1.1.4-1+lenny1
of silc-client.
For the testing distribution (squeeze), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in
version 1.1.10-1 of silc-toolkit and version 1.1-2 of silc-client
(using libsilc from silc-toolkit since this upload).
We recommend that you upgrade your silc-toolkit/silc-client packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Debian (stable)
- ---------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/s/silc-toolkit/silc-toolkit_1.1.7-2+lenny1.dsc
Size/MD5 checksum: 1430 eff8a733cf7e4db92296533394f42b22
http://security.debian.org/pool/updates/main/s/silc-toolkit/silc-toolkit_1.1.7.orig.tar.gz
Size/MD5 checksum: 2678989 4f2fa6678f4801fd7087b4f92dada6ee
http://security.debian.org/pool/updates/main/s/silc-toolkit/silc-toolkit_1.1.7-2+lenny1.diff.gz
Size/MD5 checksum: 16935 1e5d1151029379a7ba135799dc1cd166
http://security.debian.org/pool/updates/main/s/silc-client/silc-client_1.1.4-1+lenny1.dsc
Size/MD5 checksum: 1380 29601c3569b30b5e3d3307689c9c25f8
http://security.debian.org/pool/updates/main/s/silc-client/silc-client_1.1.4.orig.tar.gz
Size/MD5 checksum: 2202993 979d46c78ace2dade513f33ad0081e85
http://security.debian.org/pool/updates/main/s/silc-client/silc-client_1.1.4-1+lenny1.diff.gz
Size/MD5 checksum: 11593 efa43890947e5ba7a34631c689abcb60
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dbg_1.1.7-2+lenny1_alpha.deb
Size/MD5 checksum: 788516 0cd53c076d01f2ed2f3126385c2ec4e8
http://security.debian.org/pool/updates/main/s/silc-client/irssi-plugin-silc_1.1.4-1+lenny1_alpha.deb
Size/MD5 checksum: 720306 b21343d40a367e08b0e215b4a7575d4d
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dev_1.1.7-2+lenny1_alpha.deb
Size/MD5 checksum: 2291652 9dc47295123af7ed95cdf10f2bb48f94
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2_1.1.7-2+lenny1_alpha.deb
Size/MD5 checksum: 684328 674dd1d1da7fcbd87789fb53a4128bef
http://security.debian.org/pool/updates/main/s/silc-client/silc_1.1.4-1+lenny1_alpha.deb
Size/MD5 checksum: 602432 76d7f386a31c02a31fefb10167611dea
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dev_1.1.7-2+lenny1_amd64.deb
Size/MD5 checksum: 2010710 669d1bd65dc987f4e27263ddd427409d
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dbg_1.1.7-2+lenny1_amd64.deb
Size/MD5 checksum: 816352 569993e597e2bfb086558d79cf404404
http://security.debian.org/pool/updates/main/s/silc-client/silc_1.1.4-1+lenny1_amd64.deb
Size/MD5 checksum: 575504 8961ff37ee74c66f26ad8115e152e8a8
http://security.debian.org/pool/updates/main/s/silc-client/irssi-plugin-silc_1.1.4-1+lenny1_amd64.deb
Size/MD5 checksum: 682922 69d0986a3ee58796abcbd49bb67596e7
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2_1.1.7-2+lenny1_amd64.deb
Size/MD5 checksum: 636202 0be0cf64803db8179887baa654636a05
arm architecture (ARM)
http://security.debian.org/pool/updates/main/s/silc-client/silc_1.1.4-1+lenny1_arm.deb
Size/MD5 checksum: 530304 ef44fd7a87532a5eaa233bf8ff0fe35c
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dev_1.1.7-2+lenny1_arm.deb
[continued in next message]
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)