---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links Read the full description: http://corporate.secunia.com/products/48/?r=l Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l ---------------------------------------------------------------------- TITLE: Debian update for linux-ftpd SECUNIA ADVISORY ID: SA22997 VERIFY ADVISORY: http://secunia.com/advisories/22997/ CRITICAL: Less critical IMPACT: Exposure of sensitive information, Privilege escalation WHERE: Local system OPERATING SYSTEM: Debian GNU/Linux unstable alias sid http://secunia.com/product/530/ Debian GNU/Linux 3.1 http://secunia.com/product/5307/ DESCRIPTION: Debian has issued an update for linux-ftpd. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain knowledge of potentially sensitive information, or perform certain actions with escalated privileges. For more information: SA22816 SOLUTION: Apply updated packages. -- Debian GNU/Linux 3.1 alias sarge -- Source archives: http://security.debian.org/pool/updates/main/l/linux-ftpd/linux-ftpd_0.17-20sarge2.dsc Size/MD5 checksum: 610 371222af9e3f445d8b1a0622f3a70382 http://security.debian.org/pool/updates/main/l/linux-ftpd/linux-ftpd_0.17-20sarge2.diff.gz Size/MD5 checksum: 16034 3848d3d15b78aa4dd17b0e09c64b15a8 http://security.debian.org/pool/updates/main/l/linux-ftpd/linux-ftpd_0.17.orig.tar.gz Size/MD5 checksum: 46763 f5f491564812db5d8783daa538c49186 Alpha architecture: http://security.debian.org/pool/updates/main/l/linux-ftpd/ftpd_0.17-20sarge2_alpha.deb Size/MD5 checksum: 49118 caeecd835e084796f921fd1941fc8912 AMD64 architecture: http://security.debian.org/pool/updates/main/l/linux-ftpd/ftpd_0.17-20sarge2_amd64.deb Size/MD5 checksum: 44858 bb6746d34dac3b9304dae0551c6355f4 ARM architecture: http://security.debian.org/pool/updates/main/l/linux-ftpd/ftpd_0.17-20sarge2_arm.deb Size/MD5 checksum: 44090 baa6dc258bbba352aad5d59bbc03f87b HP Precision architecture: http://security.debian.org/pool/updates/main/l/linux-ftpd/ftpd_0.17-20sarge2_hppa.deb Size/MD5 checksum: 47430 d856102807f47f8dac3a0b383c1149b4 Intel IA-32 architecture: http://security.debian.org/pool/updates/main/l/linux-ftpd/ftpd_0.17-20sarge2_i386.deb Size/MD5 checksum: 43310 10ce0c8367e83b1ce1419b244753dcc0 Intel IA-64 architecture: http://security.debian.org/pool/updates/main/l/linux-ftpd/ftpd_0.17-20sarge2_ia64.deb Size/MD5 checksum: 57366 2121d4017c33f4968230011b27d56bfc Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/l/linux-ftpd/ftpd_0.17-20sarge2_m68k.deb Size/MD5 checksum: 40914 81af10a14af21fa4a73a97d4b7581cba Big endian MIPS architecture: http://security.debian.org/pool/updates/main/l/linux-ftpd/ftpd_0.17-20sarge2_mips.deb Size/MD5 checksum: 46802 ef336e8a944121be9974ae72d6ee5ae8 Little endian MIPS architecture: http://security.debian.org/pool/updates/main/l/linux-ftpd/ftpd_0.17-20sarge2_mipsel.deb Size/MD5 checksum: 46746 05aa9e2e9c127110d09f345e2a6367d1 PowerPC architecture: http://security.debian.org/pool/updates/main/l/linux-ftpd/ftpd_0.17-20sarge2_powerpc.deb Size/MD5 checksum: 46712 6932bbad8b6852a3776b40196d28dee1 IBM S/390 architecture: http://security.debian.org/pool/updates/main/l/linux-ftpd/ftpd_0.17-20sarge2_s390.deb Size/MD5 checksum: 45992 a0b2bad9c6b04889be2c7b87840769c6 Sun Sparc architecture: http://security.debian.org/pool/updates/main/l/linux-ftpd/ftpd_0.17-20sarge2_sparc.deb Size/MD5 checksum: 43366 a92a7561358f005be3ff58c73a4c4b7b -- Debian GNU/Linux unstable alias sid -- Fixed in version 0.17-22. ORIGINAL ADVISORY: http://www.us.debian.org/security/2006/dsa-1217 OTHER REFERENCES: SA22816: http://secunia.com/advisories/22816/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------