Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Mandrake MDKSA-2003:087: gkrellm buffer overflow

Mandrake MDKSA-2003:087: gkrellm buffer overflow

by Nikola Strahija on August 28th, 2003 A buffer overflow was discovered in gkrellmd, the server component of the gkrellm monitor package, in versions of gkrellm 2.1.x prior to 2.1.14. This buffer overflow occurs while reading data from connected gkrellm clients and can lead to possible arbitrary code execution as the user running the gkrellmd server.


__________________________________________________________________

Mandrake Linux Security Update Advisory
__________________________________________________________________

Package name: gkrellm
Advisory ID: MDKSA-2003:087
Date: August 28th, 2003

Affected versions: 9.1
__________________________________________________________________

Problem Description:

A buffer overflow was discovered in gkrellmd, the server component of
the gkrellm monitor package, in versions of gkrellm 2.1.x prior to
2.1.14. This buffer overflow occurs while reading data from connected
gkrellm clients and can lead to possible arbitrary code execution as
the user running the gkrellmd server.

Updated packages are available for Mandrake Linux 9.1 which correct the
problem.
__________________________________________________________________
References:
__________________________________________________________________

Updated Packages:

Mandrake Linux 9.1:
c02f29d80835be10c7474f7ecd1437ef 9.1/RPMS/gkrellm-2.1.7a-2.2mdk.i586.rpm
293591b66fa463f69a554ac2efcb1940 9.1/RPMS/gkrellm-devel-2.1.7a-2.2mdk.i586.rpm
a7b3793b971fef4865ba83d93b055b82 9.1/RPMS/gkrellm-server-2.1.7a-2.2mdk.i586.rpm
a3d8c546650754a5d69569a88d35782b 9.1/SRPMS/gkrellm-2.1.7a-2.2mdk.src.rpm

Mandrake Linux 9.1/PPC:
411b6128256554b16c3beeb53bbae224 ppc/9.1/RPMS/gkrellm-2.1.7a-2.2mdk.ppc.rpm
257691a20effd147d53d1dd9d93a12dd ppc/9.1/RPMS/gkrellm-devel-2.1.7a-2.2mdk.ppc.rpm
073b0b1f3d5b1b91776b7769bee8550c ppc/9.1/RPMS/gkrellm-server-2.1.7a-2.2mdk.ppc.rpm
a3d8c546650754a5d69569a88d35782b ppc/9.1/SRPMS/gkrellm-2.1.7a-2.2mdk.src.rpm
__________________________________________________________________

Bug IDs fixed (see https://qa.mandrakesoft.com for more information):
__________________________________________________________________

To upgrade automatically, use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

A list of FTP mirrors can be obtained from:

http://www.mandrakesecure.net/en/ftp.php

All packages are signed by MandrakeSoft for security. You can obtain
the GPG public key of the Mandrake Linux Security Team by executing:

gpg --recv-keys --keyserver www.mandrakesecure.net 0x22458A98

Please be aware that sometimes it takes the mirrors a few hours to
update.

You can view other update advisories for Mandrake Linux at:

http://www.mandrakesecure.net/en/advisories/

MandrakeSoft has several security-related mailing list services that
anyone can subscribe to. Information on these lists can be obtained by
visiting:

http://www.mandrakesecure.net/en/mlist.php

If you want to report vulnerabilities, please contact

security_linux-mandrake.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team

__________________________________________________________________


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »