Processed: Re: [dendler@idefense.com: iDEFENSE Security Advisory: Linuxconf locally exploitable buffer overflow]

2002-09-21 Thread Debian Bug Tracking System
Processing commands for [EMAIL PROTECTED]:

> tags 158637 + unreproducible
Bug#158637: [EMAIL PROTECTED]: iDEFENSE Security Advisory: Linuxconf locally 
exploitable buffer overflow]
Tags added: unreproducible

> > This vulnerability affects any version of linuxconf
Unknown command or malformed arguments to command.

> > (essentially 6 years worth of distributions) that is installed
Unknown command or malformed arguments to command.

> > setuid root.
Unknown command or malformed arguments to command.

> FYI: Debian does *not* install linuxconf setuid root.
Unknown command or malformed arguments to command.

> Michael
Unknown command or malformed arguments to command.

Too many unknown commands, stopping here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)



Processed: Re: [dendler@idefense.com: iDEFENSE Security Advisory: Linuxconf locally exploitable buffer overflow]

2002-09-21 Thread Debian Bug Tracking System
Processing commands for [EMAIL PROTECTED]:

> tags 158637 + patch
Bug#158637: [EMAIL PROTECTED]: iDEFENSE Security Advisory: Linuxconf locally 
exploitable buffer overflow]
Tags added: patch

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)



Bug#158637: [dendler@idefense.com: iDEFENSE Security Advisory: Linuxconf locally exploitable buffer overflow]

2002-09-21 Thread Michael Banck
tags 158637 + patch
thanks

As I stated, Debian's linuxconf package should not be vulnerable, as it
is not installed setuid root.

Nevertheless, I've backported the patch from the latest upstream
version, which makes the exploit[1] fail even if you happen to set
linuxconf setuid root.

cheers,

Michael

-- 
http://www.securiteam.com/exploits/5CP0F0K8BW.html
diff -Naur linuxconf-1.28r3/translate/translat.cc 
linuxconf-1.28r4.orig/translate/translat.cc
--- linuxconf-1.28r3/translate/translat.cc  1999-12-13 04:18:48.0 
+0100
+++ linuxconf-1.28r4.orig/translate/translat.cc 2002-08-19 20:45:48.0 
+0200
@@ -85,6 +85,7 @@
}
 }
 static char *pterr = NULL;
+#define MAXERR_SIZE 2000
 /*
Print an error message and increment the err counter
 */
@@ -92,7 +93,7 @@
 {
va_list list;
va_start (list,msg);
-   pterr += vsprintf (pterr,msg,list);
+   pterr += vsnprintf (pterr,MAXERR_SIZE,msg,list);
va_end (list);
 }
 
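Review bot: The size passed to vsnprintf in the changed line is always MAXERR_SIZE, but pterr advances on every call, so if pterr points into the caller's errmsg[MAXERR_SIZE] array the limit is only correct for the first message; from the second one on it is larger than the space that remains and the write can still run past the end. The return value needs care too: vsnprintf returns the length the full message would have had (or a negative value on error), so `pterr +=` can move the pointer beyond the buffer after a truncation, or backwards. Keep an end pointer next to pterr, pass `end - pterr` as the size, and clamp the increment to what was actually stored.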
@@ -196,13 +197,13 @@
Load the message dictionnary.
Terminate the application if any error.
 */
-int translat_load (
+static int translat_loaderr (
const char *basepath,   // Directory holding dictionnaries
const char *basename,   // base name of the dictionnary
// the language 
selection will supply
// the extension.
const char *lang,   // Suffix for the language
-   char *errmsg)   // Will contain the error message
+   char errmsg[MAXERR_SIZE])   // Will contain the 
error message
 {
int ret = -1;
errmsg[0] = '\0';
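Review bot: The new parameter declaration `char errmsg[MAXERR_SIZE]` still decays to `char *`, so the compiler enforces nothing and a caller can hand in a smaller buffer without any diagnostic. Pass the buffer length as an explicit argument and derive the write bound from it, rather than relying on every caller to allocate exactly MAXERR_SIZE bytes. The rename to `static translat_loaderr` also drops the four-argument translat_load from this point in the file; since the patch only touches translat.cc, it is worth confirming that the header and any callers elsewhere do not still use that signature.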
@@ -250,8 +251,8 @@
// the extension.
const char *lang)
 {
-   char errmsg[2000];
-   if (translat_load (basepath,basename,lang,errmsg)==-1){
+   char errmsg[MAXERR_SIZE];
+   if (translat_loaderr (basepath,basename,lang,errmsg)==-1){
fprintf (stderr,"%s",errmsg);
exit (-1);
}
@@ -298,10 +299,10 @@
}
const char *lang = deflang;
const char *lang_env = getenv(envlangvar);
-   if (lang_env != NULL) lang = lang_env;
+   if (lang_env != NULL && strlen(lang_env)<=5) lang = lang_env;
 
-   char errmsg[2000];
-   if (translat_load (basepath,basename,lang,errmsg)==-1){
+   char errmsg[MAXERR_SIZE];
+   if (translat_loaderr (basepath,basename,lang,errmsg)==-1){
if (strcmp(lang,"eng")!=0){
bool showerr = getenv ("SHOWDICERR")!=NULL;
if (showerr){
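Review bot: The `strlen(lang_env)<=5` check bounds the length of the environment value but not its content, and 5 is an unexplained magic number. Since lang supplies the extension of the dictionary file (per the parameter comments on translat_loaderr), also restrict it to the characters a language suffix can contain, give the limit a named constant, and consider reporting an over-long value instead of silently falling back to deflang.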


Processed: patch 135445

2002-09-21 Thread Debian Bug Tracking System
Processing commands for [EMAIL PROTECTED]:

> tags 135445 + patch
Bug#135445: kinkatta: Please add more information to the extended description
Tags added: patch

> thank you
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)



Bug#135445: kinkatta: Please add more information to the extended description

2002-09-21 Thread Dennis Stampfer
Hey!

There is no real "Features"-List or description on upstream's Website. I 
looked through the website and collected a few features.
Please correct typos/grammar mistakes before uploading, because I am not a
native English speaker.

regards,
  Dennis

Description: Fully configurable AOL instant messenger client for KDE
 Kinkatta is a fully configurable AOL instant messenger client for KDE.
 Here is a small list of its features:
 .
  o Direct printing out of the chat window
  o Full Logging Support
  o Support for smiles
  o "/me"-Support (like in IRC)
  o Fully configurable chat-windows (font, color, background, ...)
  o Auto URL tagging
  o Flashing toolbar icon on new message(s)
  o Supports AOL Chatrooms
  o Supports user groups (eg. friends, school, ...)
  o Displays idle-time/last-on-time in main window
  o Permit/Deny options for users
  o Auto away. Away-Message-Template supports %n, %d and %t
  o Supports import/export of buddy lists
  o Fully configurable sound
  o Passwords are not saved as plain text

-- 
GUI? That's 10 xterms and a background image!
GPG/PGP available at http://satanII.enemy.org/~seppy/gpg.asc


