Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:5414
HistoryNov 17, 2003 - 12:00 a.m.

[SECURITY] [DSA 402-1] New minimalist package fixes remote command execution

2003-11-1700:00:00
vulners.com
11
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Debian Security Advisory DSA 402-1 [email protected]
http://www.debian.org/security/ Martin Schulze
November 17th, 2003 http://www.debian.org/security/faq

Package : minimalist
Vulnerability : unsanitised input
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2003-0902

A security-related problem has been discovered in minimalist, a
mailing list manager, which allows a remote attacker to execute
arbitrary commands.

For the stable distribution (woody) this problem has been fixed in
version 2.2-4.

For the unstable distribution (sid) this problem has been fixed in
version 2.4-1.

We recommend that you upgrade your minimalist package.

Upgrade Instructions

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody

Source archives:

http://security.debian.org/pool/updates/main/m/minimalist/minimalist_2.2-4.dsc
  Size/MD5 checksum:      867 c068640f2b93412e07368555a63d9b14
http://security.debian.org/pool/updates/main/m/minimalist/minimalist_2.2-4.diff.gz
  Size/MD5 checksum:     2583 2779834a5def11d42c31843cf50f7d4e
http://security.debian.org/pool/updates/main/m/minimalist/minimalist_2.2.orig.tar.gz
  Size/MD5 checksum:    18135 cda434d02c6a8bd5ed7220af71613d40

Architecture independent components:

http://security.debian.org/pool/updates/main/m/minimalist/minimalist_2.2-4_all.deb
  Size/MD5 checksum:    25608 e4b9822b1af1cf3e3d4f3dc353dd012d

These files will probably be moved into the stable distribution on
its next revision.

For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: [email protected]
Package info: `apt-cache show <pkg>' and http://packages.debian.org/&lt;pkg&gt;

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQE/uIXlW5ql+IAeqTIRAns4AJ9/sHNmRhNvP9RrWQos3JX9YOPACgCcCMCS
NJfyBXT8kkNuqqjQ3kT1VUw=
=3/UQ
-----END PGP SIGNATURE-----

Related

debian 2
openvas 2
cve 1
osv 1
nessus 1
debian
debian
[SECURITY] [DSA 402-1] New minimalist package fixes remote command execution
2003-11-17 08:25:10
[SECURITY] [DSA 402-1] New minimalist package fixes remote command execution
2003-11-17 08:25:10
openvas
openvas
Debian: Security Advisory (DSA-402)
2008-01-17 00:00:00
Debian Security Advisory DSA 402-1 (minimalist)
2008-01-17 00:00:00
cve
cve
CVE-2003-0902
2004-02-03 05:00:00
osv
osv
minimalist - unsanitised input
2003-11-17 00:00:00
nessus
nessus
Debian DSA-402-1 : minimalist - unsanitised input
2004-09-29 00:00:00
JSON
Related for SECURITYVULNS:DOC:5414
debian2openvas2cve1osv1nessus1