Debian Security Advisory: New version of ntop releasedAug 30, 2000, 00:54 (0 Talkback[s])
(Other stories by Wichert Akkerman)
WEBINAR: On-demand Event
Replace Oracle with the NoSQL Engagement Database: Why and how leading companies are making the switch REGISTER >
Date: Wed, 30 Aug 2000 00:36:33 +0200
Debian Security Advisory email@example.com http://www.debian.org/security/ Wichert Akkerman August 30, 2000
Package : ntop Problem type : remote exploit Debian-specific: noThe updated version of ntop (1.2a7-10) that was released on August 5 was found to still be insecure: it was still exploitable using buffer overflows. Using this technique it was possible to run arbitrary code as the user who ran ntop in web mode.
In order to permantly fix these problems an updated package has been released that disables web mode completely. The version of this fix is 1.2a7-11.
We recommend you upgrade or remove your ntop package immediately.
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.Debian GNU/Linux 2.2 alias potato
Potato was released for the alpha, arm, i386, m68k, powerpc and sparc architectures.
Intel ia32 architecture:
Motorola 680x0 architecture:
Sun Sparc architecture:
These files will be moved into ftp://ftp.debian.org/debian/dists/stable/*/binary-$arch/ soon.
For not yet released architectures please refer to the appropriate directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .
0 Talkback[s] (click to add your comment)