Skip Quicknav

• About Debian
• News
• Getting Debian
• Support
• Developers' Corner
• Site map
• Search

Debian Security Advisory

canna server -- buffer overflow

Date Reported:

01 Jul 2000

Affected Packages:

canna

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2000-0584.

More information:

The canna package as distributed in Debian GNU/Linux 2.1 can be remotely exploited to gain access. This could be done by overflowing a buffer by sending a SR_INIT command with a very long username or groupname.

This has been fixed in version 3.5b2-24slink1, and we recommend that you upgrade your canna package immediately.

Fixed in:

Source:

http://security.debian.org/dists/slink/updates/source/canna_3.5b2-24slink1.diff.gz

http://security.debian.org/dists/slink/updates/source/canna_3.5b2-24slink1.dsc

http://security.debian.org/dists/slink/updates/source/canna_3.5b2.orig.tar.gz

alpha:

http://security.debian.org/dists/slink/updates/binary-alpha/canna-utils_3.5b2-24slink1_alpha.deb

http://security.debian.org/dists/slink/updates/binary-alpha/canna_3.5b2-24slink1_alpha.deb

http://security.debian.org/dists/slink/updates/binary-alpha/libcanna1g-dev_3.5b2-24slink1_alpha.deb

http://security.debian.org/dists/slink/updates/binary-alpha/libcanna1g_3.5b2-24slink1_alpha.deb

i386:

http://security.debian.org/dists/slink/updates/binary-i386/canna-utils_3.5b2-24slink1_i386.deb

http://security.debian.org/dists/slink/updates/binary-i386/canna_3.5b2-24slink1_i386.deb

http://security.debian.org/dists/slink/updates/binary-i386/libcanna1g-dev_3.5b2-24slink1_i386.deb

http://security.debian.org/dists/slink/updates/binary-i386/libcanna1g_3.5b2-24slink1_i386.deb

m68k:

http://security.debian.org/dists/slink/updates/binary-m68k/canna-utils_3.5b2-24slink1_m68k.deb

http://security.debian.org/dists/slink/updates/binary-m68k/canna_3.5b2-24slink1_m68k.deb

http://security.debian.org/dists/slink/updates/binary-m68k/libcanna1g-dev_3.5b2-24slink1_m68k.deb

http://security.debian.org/dists/slink/updates/binary-m68k/libcanna1g_3.5b2-24slink1_m68k.deb

sparc:

http://security.debian.org/dists/slink/updates/binary-sparc/canna-utils_3.5b2-24slink1_sparc.deb

http://security.debian.org/dists/slink/updates/binary-sparc/canna_3.5b2-24slink1_sparc.deb

http://security.debian.org/dists/slink/updates/binary-sparc/libcanna1g-dev_3.5b2-24slink1_sparc.deb

http://security.debian.org/dists/slink/updates/binary-sparc/libcanna1g_3.5b2-24slink1_sparc.deb

This page is also available in the following languages:

Deutsch español français 日本語 (Nihongo) svenska

How to set the default document language