It has been reported that in.uucpd does not properly truncate strings under some circumstances. The resulting buffer overflow could allow a user to crash the daemon, denying service. After a crash, the service must be restarted manually before it resumes.

in.uucpd is an authentication agent designed to work with the Unix-to-Unix Copy Protocol (UUCP).

Remote: Yes

Exploit: No

Solution: Vendor fixes available:


Debian Linux 2.2 sparc:

Debian Upgrade uucp_1.06.1-11potato3_sparc.deb
http://security.debian.org/dists/sta...ato3_sparc.deb

Debian Linux 2.2 powerpc:

Debian Upgrade uucp_1.06.1-11potato3_powerpc.deb
http://security.debian.org/dists/sta...o3_powerpc.deb

Debian Linux 2.2 IA-32:

Debian Upgrade uucp_1.06.1-11potato3_i386.deb
http://security.debian.org/dists/sta...tato3_i386.deb

Debian Linux 2.2 arm:

Debian Upgrade uucp_1.06.1-11potato3_arm.deb
http://security.debian.org/dists/sta...otato3_arm.deb

Debian Linux 2.2 alpha:

Debian Upgrade uucp_1.06.1-11potato3_alpha.deb
http://security.debian.org/dists/sta...ato3_alpha.deb

Debian Linux 2.2 68k:

Debian Upgrade uucp_1.06.1-11potato3_m68k.deb
http://security.debian.org/dists/sta...tato3_m68k.deb

Source: http://www.xatrix.org/article1579.html