Debian GNU/Linux Advisories: net-acct, libapache-mod-dav | Linux Today

Debian GNU/Linux Advisories: net-acct, libapache-mod-dav

Written By
Web Webster
Web Webster
Oct 6, 2004

Debian Security Advisory DSA 559-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
October 6th, 2004 http://www.debian.org/security/faq


Package : net-acct
Vulnerability : insecure temporary file
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2004-0851
Debian Bug : 270359

Stefan Nordhausen has identified a local security hole in
net-acct, a user-mode IP accounting daemon. Old and redundant code
from some time way back in the past created a temporary file in an
insecure fashion.

For the stable distribution (woody) this problem has been fixed
in version 0.71-5woody1.

For the unstable distribution (sid) this problem has been fixed
in version 0.71-7.

We recommend that you upgrade your net-acct package.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody


Source archives:


http://security.debian.org/pool/updates/main/n/net-acct/net-acct_0.71-5woody1.dsc

Size/MD5 checksum: 562 72c93549d6dd86d7365d206706ff9a62

http://security.debian.org/pool/updates/main/n/net-acct/net-acct_0.71-5woody1.diff.gz

Size/MD5 checksum: 9950 ab1dd923a4e18d520793c34738d2a8f4

http://security.debian.org/pool/updates/main/n/net-acct/net-acct_0.71.orig.tar.gz

Size/MD5 checksum: 44741 87daae6d4b06144534205b3fc201c058

Alpha architecture:


http://security.debian.org/pool/updates/main/n/net-acct/net-acct_0.71-5woody1_alpha.deb

Size/MD5 checksum: 52922 339d98c59e34655dc8762e076251fbd3

ARM architecture:


http://security.debian.org/pool/updates/main/n/net-acct/net-acct_0.71-5woody1_arm.deb

Size/MD5 checksum: 50096 f7a21521634202264dacfae238716bf5

Intel IA-32 architecture:


http://security.debian.org/pool/updates/main/n/net-acct/net-acct_0.71-5woody1_i386.deb

Size/MD5 checksum: 49346 c90d2f7b3f777905c5f8f90f8edd6b57

Intel IA-64 architecture:


http://security.debian.org/pool/updates/main/n/net-acct/net-acct_0.71-5woody1_ia64.deb

Size/MD5 checksum: 58530 df761be43caec7fa543d37279c265afd

HP Precision architecture:


http://security.debian.org/pool/updates/main/n/net-acct/net-acct_0.71-5woody1_hppa.deb

Size/MD5 checksum: 51702 145f469e3c2bfae125ff4e0a23729a0a

Motorola 680×0 architecture:


http://security.debian.org/pool/updates/main/n/net-acct/net-acct_0.71-5woody1_m68k.deb

Size/MD5 checksum: 46882 e1dabe763136c5cfd0b04de8fd691fb7

Big endian MIPS architecture:


http://security.debian.org/pool/updates/main/n/net-acct/net-acct_0.71-5woody1_mips.deb

Size/MD5 checksum: 49332 7393517e4ac4f83e0fbc6efda5118a2f

Little endian MIPS architecture:


http://security.debian.org/pool/updates/main/n/net-acct/net-acct_0.71-5woody1_mipsel.deb

Size/MD5 checksum: 49380 60ae8a7d4c1265fb07adaaf6d49cbe2f

PowerPC architecture:


http://security.debian.org/pool/updates/main/n/net-acct/net-acct_0.71-5woody1_powerpc.deb

Size/MD5 checksum: 49824 3442f397b0db858aa4bfb9e4d418a5f4

IBM S/390 architecture:


http://security.debian.org/pool/updates/main/n/net-acct/net-acct_0.71-5woody1_s390.deb

Size/MD5 checksum: 47688 69c06b385a4ff25df34dd60052c88fc4

Sun Sparc architecture:


http://security.debian.org/pool/updates/main/n/net-acct/net-acct_0.71-5woody1_sparc.deb

Size/MD5 checksum: 51684 083a1078e261fd3621f37f17c8305885

These files will probably be moved into the stable distribution
on its next update.


For apt-get: deb http://security.debian.org/
stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security
dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org

Package info: `apt-cache show <pkg>’ and http://packages.debian.org/<pkg>


Debian Security Advisory DSA 558-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
October 6th, 2004 http://www.debian.org/security/faq


Package : libapache-mod-dav
Vulnerability : null pointer dereference
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0809

Julian Reschke reported a problem in mod_dav of Apache 2 in
connection with a NULL pointer dereference. When running in a
threaded model, especially with Apache 2, a segmentation fault can
take out a whole process and hence create a denial of service for
the whole server.

For the stable distribution (woody) this problem has been fixed
in version 1.0.3-3.1.

For the unstable distribution (sid) this problem has been fixed
in version 1.0.3-10 of libapache-mod-dav and in version 2.0.51-1 of
Apache 2.

We recommend that you upgrade your mod_dav packages.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody


Source archives:


http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3-3.1.dsc

Size/MD5 checksum: 645 5b405cd8fe0471edd793343ef8237b26

http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3-3.1.diff.gz

Size/MD5 checksum: 4523 94edc74f33414e93af4ca7fa849b3fb3

http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3.orig.tar.gz

Size/MD5 checksum: 185284 ba83f2aa6e13b216a11d465b82aab484

Alpha architecture:


http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3-3.1_alpha.deb

Size/MD5 checksum: 96522 7e5d5d2184629de6be880eb0650d7fd1

ARM architecture:


http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3-3.1_arm.deb

Size/MD5 checksum: 81860 fbe2d647e0037436d710ee857c947a52

Intel IA-32 architecture:


http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3-3.1_i386.deb

Size/MD5 checksum: 80122 dfaab95268192557f711ab9fbd7f9f9b

Intel IA-64 architecture:


http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3-3.1_ia64.deb

Size/MD5 checksum: 116596 bb369037b3d2ee0110c15d0b085a410b

HP Precision architecture:


http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3-3.1_hppa.deb

Size/MD5 checksum: 90406 fc707743732c491c29bfdb21d469736f

Motorola 680×0 architecture:


http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3-3.1_m68k.deb

Size/MD5 checksum: 80030 1b434a6598c06e23f3bb253867f59ae5

Big endian MIPS architecture:


http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3-3.1_mips.deb

Size/MD5 checksum: 84944 a422f253d772ca1c2dae84bac0bb79ea

Little endian MIPS architecture:


http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3-3.1_mipsel.deb

Size/MD5 checksum: 85094 4cf00ccacd87e2295af6618987950e13

PowerPC architecture:


http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3-3.1_powerpc.deb

Size/MD5 checksum: 84516 853b2929e7f371e79f153f6c57414a1f

IBM S/390 architecture:


http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3-3.1_s390.deb

Size/MD5 checksum: 82424 7f092c974abfe792278c925bdd345775

Sun Sparc architecture:


http://security.debian.org/pool/updates/main/liba/libapache-mod-dav/libapache-mod-dav_1.0.3-3.1_sparc.deb

Size/MD5 checksum: 92438 77bdcf29501a581a1cb768af644c923b

These files will probably be moved into the stable distribution
on its next update.


For apt-get: deb http://security.debian.org/
stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security
dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org

Package info: `apt-cache show <pkg>’ and http://packages.debian.org/<pkg>

Web Webster

Web Webster

Web Webster has more than 20 years of writing and editorial experience in the tech sector. He’s written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today, he edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com, and DatabaseJournal.com.

Linux Today Logo

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.