Debian Security Advisory
termcap-compat -- Buffer overflow
- Date Reported:
- 18 Aug 1999
- Affected Packages:
- termcap-compat
- Vulnerable:
- Yes
- Security database references:
- In the Bugtraq database (at SecurityFocus): BugTraq ID 588.
In Mitre's CVE dictionary: CVE-1999-0192. - More information:
- We have received a report that former versions of
libtermcap contained an exploitable buffer overflow. Debian itself is not
exploitable by this bug since termcap was abandoned in favour of terminfo long
ago. However, if you have compiled your own programs using termcap or have
installed third party programs that depend on libtermcap and run as root they
are exploitable.
See Debian Bug#43141 for additional information.
- Fixed in:
-
- alpha:
- http://security.debian.org/dists/slink/updates/binary-alpha/termcap-compat_1.1.1.1.0slink1_alpha.deb
- i386:
- http://security.debian.org/dists/slink/updates/binary-i386/termcap-compat_1.1.1.1.0slink1_i386.deb
- m68k:
- http://security.debian.org/dists/slink/updates/binary-m68k/termcap-compat_1.1.1.1.0slink1_m68k.deb
- sparc:
- http://security.debian.org/dists/slink/updates/binary-sparc/termcap-compat_1.1.1.1.0slink1_sparc.deb