Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Debian Security Advisory - slrn

Debian Security Advisory - slrn

by phiber on March 10th, 2001 Bill Nottingham reported a problem in the wrapping/unwrapping functions of the slrn newsreader. A long header in a message might overflow a buffer and which could result into executing arbitraty code encoded in the message.

The default configuration does not have wrapping enable, but it can easily be enabled either by changing the configuration or pressing W while viewing a message.




Package : slrn

Problem type : buffer overflow

Debian-specific: no



This has been fixed in version 0.9.6.2-9potato1 and we recommand
that you upgrade your slrn package immediately.



wget url

will fetch the file for you

dpkg -i file.deb

will install the referenced file.



- URLs are in the whole advisory, so download it.

Download this advisory

Visit Debian Security


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »