SuSE Security Announcement: wmaker/WindowMaker (SuSE-SA:2001:032)
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: wmaker/WindowMaker
Announcement-ID: SuSE-SA:2001:032
Date: Thursday, September 20th 2001 15:10 MEST
Affected SuSE versions: (6.0, 6.1, 6.2,) 6.3, 6.4, 7.0, 7.1, 7.2
Vulnerability Type: remote privilege escalation
Severity (1-10): 5
SuSE default package: no
Other affected systems: all Unix systems running
Window Maker < 0.65.1
Content of this advisory:
1) security vulnerability resolved: Window Maker
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
The window manager Window Maker was found vulnerable to a buffer overflow
due to improper bounds checking when setting the window title.
An attacker can remotely exploit this buffer overflow by using malicious
web page titles or terminal escape sequences to set a excessively long
window title.
This attack can lead to remote command execution with the privileges of
the user running Window Maker.
A temporary fix does not exist; we recommend to update your system with
the new RPM from our FTP server.
Please download the update package for your distribution and verify its
integrity by the methods listed in section 3) of this announcement.
Then, install the package using the command "rpm -Uhv file.rpm" to apply
the update.
After installing the updated RPM
- run /sbin/SuSEconfig (the central configuration utility in SuSE Linux
distributions)
- restart your window manager. If this is not possible for configura-
tional reasons, restart your x-session.
i386 Intel Platform:
SuSE-7.2
ftp://ftp.suse.com/pub/suse/i386/update/7.2/xwm1/WindowMaker-0.64.0-82.i386.rpm
0f5508e10089deecf34b51ab8c007bbf
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/WindowMaker-0.64.0-82.src.rpm
6472b87eb8a841d5cefe4f0889f9b4e1
SuSE-7.1
ftp://ftp.suse.com/pub/suse/i386/update/7.1/xwm1/WindowMaker-0.62.1-25.i386.rpm
39c69fab92923eca0cf1f0e077232fef
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/WindowMaker-0.62.1-25.src.rpm
a8c32f85125bbe7bf041335100e447b8
SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/xwm1/wmaker-0.62.1-42.i386.rpm
d825fa6cd78643e880bb89464594a464
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/wmaker-0.62.1-42.src.rpm
bd6e55a9b16e836065f59b4dc824416f
SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/xwm1/wmaker-0.61.1-59.i386.rpm
7de5a334c4fbbeb6ef3d79d197a585c1
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/wmaker-0.61.1-59.src.rpm
4471d22b705b8b24a1808729a32d1764
SuSE-6.3
ftp://ftp.suse.com/pub/suse/i386/update/6.3/xwm1/wmaker-0.61.1-59.i386.rpm
8c8453b37e7b69008be2be4929a62d80
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/wmaker-0.61.1-59.src.rpm
0c96f81234e787a48b8d2df4e698843a
Sparc Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/xwm1/WindowMaker-0.62.1-17.sparc.rpm
c19bc73ccc235bbd35d1e8953cfbabbb
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/zq1/WindowMaker-0.62.1-17.src.rpm
e60425cb8ae38b16a3aac3fa23a6c54f
SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/xwm1/wmaker-0.62.1-2.sparc.rpm
9f0a23eddb8b9dbfc07288871388ff34
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/wmaker-0.62.1-2.src.rpm
a95d995b1ea164b8c93a9fc308f703d1
AXP Alpha Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/axp/update/7.1/xwm1/WindowMaker-0.62.1-23.alpha.rpm
55cf56c7bea8fa3e9cf7ca2c90457249
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/7.1/zq1/WindowMaker-0.62.1-23.src.rpm
7b5bc50ad9e854dc2858a1b0a08385d5
SuSE-7.0
ftp://ftp.suse.com/pub/suse/axp/update/7.0/xwm1/wmaker-0.62.1-5.alpha.rpm
6e7e01c1a1ef1e2ac751638dd7e31d21
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/wmaker-0.62.1-5.src.rpm
2ee34d67aba5c06878623e3ca50f47d1
SuSE-6.4
ftp://ftp.suse.com/pub/suse/axp/update/6.4/xwm1/wmaker-0.61.1-57.alpha.rpm
dcbfdaf729cb823046f3dc6e913fcf1b
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/wmaker-0.61.1-57.src.rpm
3d045c4fd65d2ce9b69a1890d71fd59a
SuSE-6.3
ftp://ftp.suse.com/pub/suse/axp/update/6.3/xwm1/wmaker-0.61.1-57.alpha.rpm
6c17c78ef0fe2971b29fe1a2300c4fc3
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/wmaker-0.61.1-57.src.rpm
f01b2923ebc6e4e6a52b75e8597cbe50
PPC PowerPC Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/xwm1/WindowMaker-0.62.1-18.ppc.rpm
00f099cc26983691641ed041441abfc2
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/WindowMaker-0.62.1-18.src.rpm
1941b4c46eeb3e4fe4a7e3a1c79ae8a5
SuSE-7.0
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/xwm1/wmaker-0.62.1-49.ppc.rpm
f5ef503d073a7e9e34cf28e4eb56fbaa
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/wmaker-0.62.1-49.src.rpm
362468904bd119c44f2c2baa1312a116
SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/xwm1/wmaker-0.61.1-56.ppc.rpm
0408f29d40eebf5bbc84bdcf14a03c5f
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/wmaker-0.61.1-56.src.rpm
50c1a727aec53feb76f451854657b6c8
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- SuSE Linux distributions do not contain the sftp-server as described by
Peter W
Le Jeudi 20 Septembre 2001 23:52, Thomas Biege a écrit :
-----BEGIN PGP SIGNED MESSAGE-----
___________________________________________________________________________ ___
SuSE Security Announcement
Package: wmaker/WindowMaker
I received this twice, one on this list (suse-security) an an other on suse-security-annouce. is this the normal way? if so I can cancel the annouce subscription. thanks jdd -- http://www.dodin.net mailto:jdanield@dodin.net WHO'S THAT GUY ? Help me found it Russia & South america help needed http://www.dodin.net/serge/index.html
SuSE Security Announcement
Package: wmaker/WindowMaker
I received this twice, one on this list (suse-security) an an other on suse-security-annouce.
is this the normal way? if so I can cancel the annouce subscription.
This has always been the case. We do not send out announcements to other lists than suse-security-announce@ if we haven't seen our own mail from suse-security-announce@. Which means that you get the mail the fastest way through suse-security-announce@. Roman.
On Fri, 21 Sep 2001, jdd wrote:
Le Jeudi 20 Septembre 2001 23:52, Thomas Biege a écrit :
-----BEGIN PGP SIGNED MESSAGE-----
___________________________________________________________________________ ___
SuSE Security Announcement
Package: wmaker/WindowMaker
I received this twice, one on this list (suse-security) an an other on suse-security-annouce.
jepp, that's normal.
is this the normal way? if so I can cancel the annouce subscription.
yes, if you like too. :) Bye, Thomas -- Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg E@mail: thomas@suse.de Function: Security Support & Auditing "lynx -source http://www.suse.de/~thomas/contact/thomas.asc | pgp -fka" Key fingerprint = 51 AD B9 C7 34 FC F2 54 01 4A 1C D4 66 64 09 84
participants (3)
-
jdd
-
Roman Drahtmueller
-
Thomas Biege