Multiple Linux Vendor restore Buffer Overflow Vulnerability
BID:1330
Info
Multiple Linux Vendor restore Buffer Overflow Vulnerability
| Bugtraq ID: | 1330 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2000-0520 |
| Remote: | No |
| Local: | Yes |
| Published: | Jun 07 2000 12:00AM |
| Updated: | Jul 11 2009 02:56AM |
| Credit: | This vulnerability was posted to the Bugzilla bug tracking database for dump by Stan Bubrouski <[email protected]> on June 2, 2000. This vulnerability was posted to the Bugtraq mailing list by Riley Hassell <[email protected]> |
| Vulnerable: |
Stelian Pop dump 0.4 b9-9 Stelian Pop dump 0.4 b9-0 Stelian Pop dump 0.4 b17-0 Stelian Pop dump 0.4 b16-0 Stelian Pop dump 0.4 b15-30 Stelian Pop dump 0.4 b15-1 |
| Not Vulnerable: |
Stelian Pop dump 0.4 b18-0 |
Exploit / POC
Multiple Linux Vendor restore Buffer Overflow Vulnerability
Exploit available:
Exploit available:
Solution / Fix
Multiple Linux Vendor restore Buffer Overflow Vulnerability
Solution:
The package has been patched by its maintainer, and a new version released.
Linux-Mandrake 6.0:
828d750c80c021c6253cac0191486fb1 6.0/RPMS/dump-0.4b18-1mdk.i586.rpm
3e6355619c5ee93ac3505efdb35831fe 6.0/RPMS/rmt-0.4b18-1mdk.i586.rpm
4ff0d0a768b603f22a40745da303e365 6.0/SRPMS/dump-0.4b18-1mdk.src.rpm
Linux-Mandrake 6.1:
5a6587e3320eefb639ff4dad95e291be 6.1/RPMS/dump-0.4b18-1mdk.i586.rpm
582e35490586bcf04f1d35dcb04b6b23 6.1/RPMS/rmt-0.4b18-1mdk.i586.rpm
4ff0d0a768b603f22a40745da303e365 6.1/SRPMS/dump-0.4b18-1mdk.src.rpm
Linux-Mandrake 7.0:
6f9918a61ced3dd8d20cf2b9b34508d8 7.0/RPMS/dump-0.4b18-1mdk.i586.rpm
59c52401e9eb452fe9876d99cf2448bf 7.0/RPMS/rmt-0.4b18-1mdk.i586.rpm
4ff0d0a768b603f22a40745da303e365 7.0/SRPMS/dump-0.4b18-1mdk.src.rpm
Linux-Mandrake 7.1:
1c14f72e09d69fcd4645ea2bd80c4ab3 7.1/RPMS/dump-0.4b18-1mdk.i586.rpm
6d419e7e52dda174f7250b1b59c6b614 7.1/RPMS/rmt-0.4b18-1mdk.i586.rpm
4ff0d0a768b603f22a40745da303e365 7.1/SRPMS/dump-0.4b18-1mdk.src.rpm
To upgrade automatically, use < MandrakeUpdate >
If you want to upgrade manually, download the updated package from one
of our FTP server mirrors and uprade with "rpm -Uvh package_name".
You can download the updates directly from:
ftp://ftp.linux.tucows.com/pub/distributions/Mandrake/Mandrake/updates
ftp://ftp.free.fr/pub/Distributions_Linux/Mandrake/updates
Stelian Pop dump 0.4 b15-30
Stelian Pop dump 0.4 b16-0
Stelian Pop dump 0.4 b9-9
Stelian Pop dump 0.4 b17-0
Stelian Pop dump 0.4 b9-0
Stelian Pop dump 0.4 b15-1
Solution:
The package has been patched by its maintainer, and a new version released.
Linux-Mandrake 6.0:
828d750c80c021c6253cac0191486fb1 6.0/RPMS/dump-0.4b18-1mdk.i586.rpm
3e6355619c5ee93ac3505efdb35831fe 6.0/RPMS/rmt-0.4b18-1mdk.i586.rpm
4ff0d0a768b603f22a40745da303e365 6.0/SRPMS/dump-0.4b18-1mdk.src.rpm
Linux-Mandrake 6.1:
5a6587e3320eefb639ff4dad95e291be 6.1/RPMS/dump-0.4b18-1mdk.i586.rpm
582e35490586bcf04f1d35dcb04b6b23 6.1/RPMS/rmt-0.4b18-1mdk.i586.rpm
4ff0d0a768b603f22a40745da303e365 6.1/SRPMS/dump-0.4b18-1mdk.src.rpm
Linux-Mandrake 7.0:
6f9918a61ced3dd8d20cf2b9b34508d8 7.0/RPMS/dump-0.4b18-1mdk.i586.rpm
59c52401e9eb452fe9876d99cf2448bf 7.0/RPMS/rmt-0.4b18-1mdk.i586.rpm
4ff0d0a768b603f22a40745da303e365 7.0/SRPMS/dump-0.4b18-1mdk.src.rpm
Linux-Mandrake 7.1:
1c14f72e09d69fcd4645ea2bd80c4ab3 7.1/RPMS/dump-0.4b18-1mdk.i586.rpm
6d419e7e52dda174f7250b1b59c6b614 7.1/RPMS/rmt-0.4b18-1mdk.i586.rpm
4ff0d0a768b603f22a40745da303e365 7.1/SRPMS/dump-0.4b18-1mdk.src.rpm
To upgrade automatically, use < MandrakeUpdate >
If you want to upgrade manually, download the updated package from one
of our FTP server mirrors and uprade with "rpm -Uvh package_name".
You can download the updates directly from:
ftp://ftp.linux.tucows.com/pub/distributions/Mandrake/Mandrake/updates
ftp://ftp.free.fr/pub/Distributions_Linux/Mandrake/updates
Stelian Pop dump 0.4 b15-30
-
Stelian Pop dump-0.4b18
http://dump.sourceforge.net
Stelian Pop dump 0.4 b16-0
-
Stelian Pop dump-0.4b18
http://dump.sourceforge.net
Stelian Pop dump 0.4 b9-9
-
Stelian Pop dump-0.4b18
http://dump.sourceforge.net
Stelian Pop dump 0.4 b17-0
-
Stelian Pop dump-0.4b18
http://dump.sourceforge.net
Stelian Pop dump 0.4 b9-0
-
Stelian Pop dump-0.4b18
http://dump.sourceforge.net
Stelian Pop dump 0.4 b15-1
-
Stelian Pop dump-0.4b18
http://dump.sourceforge.net
References
Multiple Linux Vendor restore Buffer Overflow Vulnerability
References:
References:
- Bugzilla: typo in tape.c potential hazard (Stan Bubrouski / Red Hat)