-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : sniffit Version : 0.3.7.beta-16.1+deb7u1 CVE ID : CVE-2014-5439 Debian Bug : 845122
It was discovered that there was a buffer overflow in the packet sniffer and monitoring tool "sniffit" which allowed a specially-crafted configuration file to provide a root shell. For Debian 7 "Wheezy", this issue has been fixed in sniffit version 0.3.7.beta-16.1+deb7u1. We recommend that you upgrade your sniffit packages. Regards, - -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlgytIQACgkQHpU+J9Qx Hli+Xg/8DqE8r2nM1R9XCDJgUsjrwjn+AqTaRuNlJU+H5Di/lL/8nILDV8ho/oiL X7U1oRALlMarvt3uQ1gScbyXbgGuyy9QHUcOxCv6mnW08nSnjOFn/MbNEL6Ta/XC 75irodmHezSuZRWW8CxupJ4iHiTeYk/QAYpA48XzU0atIpztbb3QWMcSjOWcCfIC MUp6u0w7HPuVLX7QRxSavTBeHyG4DvdeLep6pXUkKvqz++i0DvIicNNDUHCIHcun B9TxCmUXwvnoUV9fuplIFbFFy/XZ4pBMAfAwuA9dLnVdGNFEIcUKY5Y7mvix0lLd lZXFzo9PgViDcVIeiUQ8wKHVPwO+fCUHosmD95vZpDjnPS89NkP+tYCXyZ4vEU8u K9MIkomItNgHHfVSJ9SUE8Bmwa9uo18N5D8a6qbxipgCmnri7S3aNO051T7pVXOk 21JIBahGJX5zovLXv5knbp2JNhYF5SLhT281zAvUpu7jrETRHGUZOO7Mp6fb9FXg var4uM9RPWUN5iFfbIapxAsX1naFSxRc2Wr8YOy4FAjsvT10QiET6tEV9Cvx8DrK 1pJWSizJmSKNKrQtUhS82GlFHc8UhJRnmn2SfUk6W/EatrSg1ftqvqlMMnO/Z0S8 1C54Wp2i3JXrWHnkXv+EShgD5OiXPS4lqZZz65/Uk0csu+rjlhs= =aIhU -----END PGP SIGNATURE-----