OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
[SA17018] Debian update for backupninja

From: Secunia Security Advisories (sec-advsecunia.com)
Date: Fri Sep 30 2005 - 17:25:02 CDT


TITLE:
Debian update for backupninja

SECUNIA ADVISORY ID:
SA17018

VERIFY ADVISORY:
http://secunia.com/advisories/17018/

CRITICAL:
Less critical

IMPACT:
Privilege escalation

WHERE:
Local system

OPERATING SYSTEM:
Debian GNU/Linux 3.1
http://secunia.com/product/5307/
Debian GNU/Linux unstable alias sid
http://secunia.com/product/530/

DESCRIPTION:
Debian has issued an update for backupninja. This fixes a
vulnerability, which can be exploited by malicious, local users to
perform certain actions on a vulnerable system with escalated
privileges.

For more information:
SA16995

SOLUTION:
Apply updated packages.

-- Debian GNU/Linux 3.1 alias sarge --

Source archives:

http://security.debian.org/pool/updates/main/b/backupninja/backupninja_0.5-3sarge1.dsc
Size/MD5 checksum: 702 fca2a04a7e02aebb41e0d3361706dcd7
http://security.debian.org/pool/updates/main/b/backupninja/backupninja_0.5-3sarge1.diff.gz
Size/MD5 checksum: 9620 c6e317bdcfe2e5987ae5732208cfcf86
http://security.debian.org/pool/updates/main/b/backupninja/backupninja_0.5.orig.tar.gz
Size/MD5 checksum: 24667 94ff16fbd0ccffeb252de3d303626558

Architecture independent components:

http://security.debian.org/pool/updates/main/b/backupninja/backupninja_0.5-3sarge1_all.deb
Size/MD5 checksum: 30650 68b2d618fead50ee4f9a17ba818504d4

-- Debian GNU/Linux unstable alias sid --

Fixed in version 0.8-2.

ORIGINAL ADVISORY:
http://www.debian.org/security/2005/dsa-827

OTHER REFERENCES:
SA16995:
http://secunia.com/advisories/16995/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories

----------------------------------------------------------------------