Slackware releases updated libtermcapAug 29, 1999, 13:21 (0 Talkback[s])
Patrick J. Volkerding posted to the slackware-security mailing list:
A buffer overflow has been identified in libtermcap.so.2.0.8 as found in Slackware 4.0 and earlier, and an exploit for the problem was posted on BugTraq today. The exploit (using setuid root /usr/X11R6/bin/xterm) allows anyone with access to X on the machine to get a root shell. Several packages have been uploaded to ftp://ftp.cdrom.com/pub/linux/slackware-4.0/ that fix this security hole.
The ChangeLog.txt entry and MD5 sums for the uploaded packages follow:
Sat Aug 28 20:18:45 CDT 1999
MD5 sums: d01747b9ffc7c9120f07995ec4e0cb02 slakware/a4/elflibs.tgz 4dee2fd9b1186120793e25661691a1e9 slakware/d1/libc.tgz ba830ade8b7155f8834971119fb98d19 slakware/x1/xbin.tgz 9cd13b1169aa95a3e81d5a65ed12c444 patches/termcap.tgz 3e15d3264664f650e2075c29234edfea patches/xterm.tgz
0 Talkback[s] (click to add your comment)