Linux News
The world is talking about GNU/Linux and Free/Open Source Software

Login

If you don't have an account yet, visit the registration page to sign up.

If you already have an account, you may login here:

Today's Big Story

Why I Ditched Linux for Samsung DeX

LXer Features

Linux That's Small

Encryption, Trust, and the Hidden Dangers of Vendor-Controlled Data

My Linux Mint Tribute

How I Turned My Chromebook Into A "Mintbook"

Adventures With My New Chromebook

My Linux Laptop

Have something to say?

Ready to be published? LXer is read by around 350,000 individuals each month, and is an excellent place for you to publish your ideas, thoughts, reviews, complaints, etc. Do you have something to say to the Linux community?

Publish it here.

DaniWeb Linux Community
An exciting professional discussion group about software development, php, shell scripting, networking, ruby, and more.

Latest Discussions

Good Advice

Straight frwd run archinstall 3.0.0 crashes in pipewiire section

Hyprland 0.45.0 has just been released for Arch Linux based

See Activation Cube feature on Fedora 41 KDE Spin in VENV

You don't need AI to know how this goes

Should be a SNL skit

Please add https to lxer.com

Anyone remember Distrotest.net? I found a new one!

Site Menu

Other News

- LWN.net
Their weekly coverage of Linux news is unmatched in this community.

- LinuxGizmos.com
Excellent news for embedded Linux.

- LinuxQuestions.org
Discussion forums for Linux users.

LinuxQuestions.org is a friendly and active Linux Community with forums, reviews, a hardware compatibility list, a wiki, tutorials, a download site, a podcast and more.

Debian alert: New falconseye packages fix buffer overflow

Posted by dave on Jul 15, 2003 5:06 AM EDT
Mailing list

Mail this story
Print this story

The falconseye package is vulnerable to a buffer overflow exploited via a long '-s' command line option. This vulnerability could be used by an attacker to gain gid 'games' on a system where falconseye is installed.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 350-1                     security@debian.org
http://www.debian.org/security/                             Matt Zimmerman
July 15th, 2003                         http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : falconseye
Vulnerability  : buffer overflow
Problem-Type   : local
Debian-specific: no
CVE Id         : CAN-2003-0358

The falconseye package is vulnerable to a buffer overflow exploited
via a long '-s' command line option.  This vulnerability could be used
by an attacker to gain gid 'games' on a system where falconseye is
installed.

Note that falconseye does not contain the file permission error
CAN-2003-0359 which affected some other nethack packages.

For the stable distribution (woody) this problem has been fixed in
version 1.9.3-7woody3.

For the unstable distribution (sid) this problem has been fixed in
version 1.9.3-9.

We recommend that you update your falconseye package.

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/f/falconseye/falconseye_1.9.3-7woody3.dsc
      Size/MD5 checksum:      700 b11f92392768f7513c5d4f113faf113d
    http://security.debian.org/pool/updates/main/f/falconseye/falconseye_1.9.3-7woody3.diff.gz
      Size/MD5 checksum:    14939 70aeba2469a22234e1d6c659c47e848a
    http://security.debian.org/pool/updates/main/f/falconseye/falconseye_1.9.3.orig.tar.gz
      Size/MD5 checksum:  8237462 1f5a837d76b64bf52cfe0033924fb37e

  Architecture independent components:

    http://security.debian.org/pool/updates/main/f/falconseye/falconseye-data_1.9.3-7woody3_all.deb
      Size/MD5 checksum:  4991316 520ff0f0be13cfa42baa65af97f0b55e

  Alpha architecture:

    http://security.debian.org/pool/updates/main/f/falconseye/falconseye_1.9.3-7woody3_alpha.deb
      Size/MD5 checksum:  1149664 3ff9e27ffa544fd1e5e2e8ddde03e1d5

  ARM architecture:

    http://security.debian.org/pool/updates/main/f/falconseye/falconseye_1.9.3-7woody3_arm.deb
      Size/MD5 checksum:   873900 1d50f9f972b15030de3923f9376a870b

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/f/falconseye/falconseye_1.9.3-7woody3_i386.deb
      Size/MD5 checksum:   774438 f9df67fd1d58100b46aaf348d9678472

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/f/falconseye/falconseye_1.9.3-7woody3_ia64.deb
      Size/MD5 checksum:  1381860 1a7d26c1962f3e222bd162b1d1f48359

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/f/falconseye/falconseye_1.9.3-7woody3_hppa.deb
      Size/MD5 checksum:  1000060 7a106848005c7d98a4f85112dcfe4962

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/f/falconseye/falconseye_1.9.3-7woody3_m68k.deb
      Size/MD5 checksum:   728580 dfe5e7296df28eebd191debcb081097c

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/f/falconseye/falconseye_1.9.3-7woody3_mips.deb
      Size/MD5 checksum:   935716 15224a235dc364839e9bd41dd86f21f5

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/f/falconseye/falconseye_1.9.3-7woody3_mipsel.deb
      Size/MD5 checksum:   936784 c9b192045d43213a567a88eca6775dab

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/f/falconseye/falconseye_1.9.3-7woody3_powerpc.deb
      Size/MD5 checksum:   881438 6e383fb41473e7433db1c88a05916c94

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/f/falconseye/falconseye_1.9.3-7woody3_s390.deb
      Size/MD5 checksum:   854812 aa044dc021a572309b65c7d7ce821dca

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/f/falconseye/falconseye_1.9.3-7woody3_sparc.deb
      Size/MD5 checksum:   894254 0aaa7b6c9f8918aab550ea5e4af07a49

You may use an automated update by adding the resources from the
footer to the proper configuration.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/E/wtArxCt0PiXR4RAro9AKCDAs88QggqhUp4i4hQdJxDSADubQCcDDxn
pOu2FUsAyCf2H1cQJ+jLaE4=
=qoyI
-----END PGP SIGNATURE-----

Linux NewsThe world is talking about GNU/Linux and Free/Open Source Software