Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

DSA-040-1 slrn -- buffer overflow

Related Vulnerabilities: CVE-2001-0441  

Bill Nottingham reported a problem in the wrapping/unwrapping functions of the slrn newsreader. A long header in a message might overflow a buffer, which could result in executing arbitrary code encoded in the message. The default configuration does not have wrapping enable, but it can easily be enabled either by changing the configuration or pressing W while viewing a message. This has been fixed in version 0.9.6.2-9potato1 and we recommand that you upgrade your slrn package immediately.

Source

Debian Security Advisory

DSA-040-1 slrn -- buffer overflow

Date Reported:
09 Mar 2001
Affected Packages:
slrn
Vulnerable:
Yes
Security database references:
In the Bugtraq database (at SecurityFocus): BugTraq ID 2493.
In Mitre's CVE dictionary: CVE-2001-0441.
More information:
Bill Nottingham reported a problem in the wrapping/unwrapping functions of the slrn newsreader. A long header in a message might overflow a buffer, which could result in executing arbitrary code encoded in the message.

The default configuration does not have wrapping enable, but it can easily be enabled either by changing the configuration or pressing W while viewing a message.

This has been fixed in version 0.9.6.2-9potato1 and we recommand that you upgrade your slrn package immediately.

Fixed in:

Debian 2.2 (potato)

Source:
http://security.debian.org/dists/stable/updates/main/source/slrn_0.9.6.2-9potato1.diff.gz
http://security.debian.org/dists/stable/updates/main/source/slrn_0.9.6.2-9potato1.dsc
http://security.debian.org/dists/stable/updates/main/source/slrn_0.9.6.2.orig.tar.gz
alpha:
http://security.debian.org/dists/stable/updates/main/binary-alpha/slrn_0.9.6.2-9potato1_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/slrnpull_0.9.6.2-9potato1_alpha.deb
arm:
http://security.debian.org/dists/stable/updates/main/binary-arm/slrn_0.9.6.2-9potato1_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/slrnpull_0.9.6.2-9potato1_arm.deb
i386:
http://security.debian.org/dists/stable/updates/main/binary-i386/slrn_0.9.6.2-9potato1_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/slrnpull_0.9.6.2-9potato1_i386.deb
m68k:
http://security.debian.org/dists/stable/updates/main/binary-m68k/slrn_0.9.6.2-9potato1_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/slrnpull_0.9.6.2-9potato1_m68k.deb
powerpc:
http://security.debian.org/dists/stable/updates/main/binary-powerpc/slrn_0.9.6.2-9potato1_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/slrnpull_0.9.6.2-9potato1_powerpc.deb
sparc:
http://security.debian.org/dists/stable/updates/main/binary-sparc/slrn_0.9.6.2-9potato1_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/slrnpull_0.9.6.2-9potato1_sparc.deb

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started