• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

University of Minnesota Gopherd FTP Gateway Buffer Overflow Vulnerability

Solution:
The maintainer has responded to advise users to migrate to PyGopherd, as UMN gohperd has been removed from distribution and is no longer supported.

Debian has released an advisory (DSA 387-1) and fixes to address this issue. See the referenced advisory for links to fixed packages.


University of Minnesota gopherd 3.0.3

• Debian gopher_3.0.3woody1_arm.deb
  http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3wood y1_arm.deb


• Debian gopher_3.0.3woody1_hppa.deb
  http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3wood y1_hppa.deb


• Debian gopher_3.0.3woody1_i386.deb
  http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3wood y1_i386.deb


• Debian gopher_3.0.3woody1_m68k.deb
  http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3wood y1_m68k.deb


• Debian gopher_3.0.3woody1_mips.deb
  http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3wood y1_mips.deb


• Debian gopher_3.0.3woody1_mipsel.deb
  http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3wood y1_mipsel.deb


• Debian gopher_3.0.3woody1_powerpc.deb
  http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3wood y1_powerpc.deb


• Debian gopher_3.0.3woody1_s390.deb
  http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3wood y1_s390.deb


• Debian gopher_3.0.3woody1_sparc.deb
  http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3wood y1_sparc.deb


• Debian gopherd_3.0.3woody1_alpha.deb
  http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woo dy1_alpha.deb


• Debian gopherd_3.0.3woody1_arm.deb
  http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woo dy1_arm.deb


• Debian gopherd_3.0.3woody1_hppa.deb
  http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woo dy1_hppa.deb


• Debian gopherd_3.0.3woody1_i386.deb
  http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woo dy1_i386.deb


• Debian gopherd_3.0.3woody1_m68k.deb
  http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woo dy1_m68k.deb


• Debian gopherd_3.0.3woody1_mips.deb
  http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woo dy1_mips.deb


• Debian gopherd_3.0.3woody1_mipsel.deb
  http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woo dy1_mipsel.deb


• Debian gopherd_3.0.3woody1_powerpc.deb
  http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woo dy1_powerpc.deb


• Debian gopherd_3.0.3woody1_s390.deb
  http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woo dy1_s390.deb


• Debian gopherd_3.0.3woody1_sparc.deb
  http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woo dy1_sparc.deb


• Debian gopher_3.0.3woody1_alpha.deb
  http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3wood y1_alpha.deb