Debian Security Advisory
netstd -- buffer overflows in bootpd and ftp
- Date Reported:
- 04 Jan 1999
- Affected Packages:
- netstd
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-1999-0914, CVE-1999-0389.
- More information:
-
We have received reports that the netstd suffered from two buffer
overflows. The first problem is an exploitable buffer overflow in the
bootp server. The second problem is an overflow in the FTP client. Both
problems are fixed in a new netstd package, version 3.07-2hamm.4.
We recommend you upgrade your netstd package immediately.
- Fixed in:
-
- Source:
- http://ftp.debian.org/debian/dists/stable/main/source/net/netstd_3.07.orig.tar.gz
- http://ftp.debian.org/debian/dists/proposed-updates/netstd_3.07-2hamm.4.diff.gz
- http://ftp.debian.org/debian/dists/proposed-updates/netstd_3.07-2hamm.4.dsc
- http://ftp.debian.org/debian/dists/proposed-updates/netstd_3.07-2hamm.4.diff.gz
- Intel:
- http://ftp.debian.org/debian/dists/proposed-updates/netstd_3.07-2hamm.4_i386.deb
- Motorola 680x0:
- http://ftp.debian.org/debian/dists/proposed-updates/netstd_3.07-2hamm.4_m68k.deb