Vulnerability: Debian IN.UUCP Remote Buffer Overflow
It has been reported that in.uucpd does not properly truncate strings under some circumstances. This problem could result in a buffer overflow that could allow a user to deny service to the daemon. Following the crash of the daemon, a manual restart of the service would be required to resume service.
in.uucpd is an authentication agent designed to work with the Unix-to-Unix Copy Protocol (UUCP).
Remote: Yes
Exploit: No
Solution: Vendor fixes available:
Debian Linux 2.2 sparc:
Debian Upgrade uucp_1.06.1-11potato3_sparc.deb
http://security.debian.org/dists/sta...ato3_sparc.deb
Debian Linux 2.2 powerpc:
Debian Upgrade uucp_1.06.1-11potato3_powerpc.deb
http://security.debian.org/dists/sta...o3_powerpc.deb
Debian Linux 2.2 IA-32:
Debian Upgrade uucp_1.06.1-11potato3_i386.deb
http://security.debian.org/dists/sta...tato3_i386.deb
Debian Linux 2.2 arm:
Debian Upgrade uucp_1.06.1-11potato3_arm.deb
http://security.debian.org/dists/sta...otato3_arm.deb
Debian Linux 2.2 alpha:
Debian Upgrade uucp_1.06.1-11potato3_alpha.deb
http://security.debian.org/dists/sta...ato3_alpha.deb
Debian Linux 2.2 68k:
Debian Upgrade uucp_1.06.1-11potato3_m68k.deb
http://security.debian.org/dists/sta...tato3_m68k.deb
Source: http://www.xatrix.org/article1579.html