Login
Newsletter
Werbung
Sicherheit: Preisgabe von Informationen in ncpfs
Aktuelle Meldungen Distributionen
Name: Preisgabe von Informationen in ncpfs
ID: MDVSA-2010:046
Distribution: Mandriva
Plattformen: Mandriva Multi Network Firewall 2.0, Mandriva Corporate 4.0, Mandriva 2008.0, Mandriva 2009.0, Mandriva 2009.1, Mandriva Enterprise Server 5.0, Mandriva 2010.0
Datum: Mi, 24. Februar 2010, 09:41
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3297
Applikationen: ncpfs

Originalnachricht

 
This is a multi-part message in MIME format...

------------=_1266955221-24326-5096


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2010:046
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : ncpfs
 Date    : February 23, 2010
 Affected: 2008.0, 2009.0, 2009.1, 2010.0, Corporate 4.0,
           Enterprise Server 5.0, Multi Network Firewall 2.0
 _______________________________________________________________________

 Problem Description:

 A vulnerability has been found in ncpfs which can be exploited by
 local users to disclose potentially sensitive information, cause a
 DoS (Denial of Service), and potentially gain escalated privileges
 (CVE-2009-3297).
 
 Packages for 2008.0 are provided for Corporate Desktop 2008.0
 customers.
 
 The updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3297
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2008.0:
 bd13d0ef9a8eb631bed95999fe7ce29d 
 2008.0/i586/ipxutils-2.2.6-3.1mdv2008.0.i586.rpm
 19ffdf6b5baa72a542a5a9b5faeac95d 
 2008.0/i586/libncpfs2.3-2.2.6-3.1mdv2008.0.i586.rpm
 714a70673cbafb24618464269cb94652 
 2008.0/i586/libncpfs2.3-devel-2.2.6-3.1mdv2008.0.i586.rpm
 1e7537c211b03059f561ed6acb73cc53 
 2008.0/i586/ncpfs-2.2.6-3.1mdv2008.0.i586.rpm 
 6007e8403e0c8f6959b3bdb0d67a52dd 
 2008.0/SRPMS/ncpfs-2.2.6-3.1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 4246619448c6eb958d3c600427c18d31 
 2008.0/x86_64/ipxutils-2.2.6-3.1mdv2008.0.x86_64.rpm
 c2d5d09735d2a65a3ebcad375fc596a8 
 2008.0/x86_64/lib64ncpfs2.3-2.2.6-3.1mdv2008.0.x86_64.rpm
 3eb7584709306995334f1400944ab37f 
 2008.0/x86_64/lib64ncpfs2.3-devel-2.2.6-3.1mdv2008.0.x86_64.rpm
 cd5a93f58dab12a821a32a5e0e7b44de 
 2008.0/x86_64/ncpfs-2.2.6-3.1mdv2008.0.x86_64.rpm 
 6007e8403e0c8f6959b3bdb0d67a52dd 
 2008.0/SRPMS/ncpfs-2.2.6-3.1mdv2008.0.src.rpm

 Mandriva Linux 2009.0:
 5194bdf36e6911aa51a1e32ead65bea2 
 2009.0/i586/ipxutils-2.2.6-6.1mdv2009.0.i586.rpm
 6e4b2bd69a8e340da0d43bc5cc42c6e6 
 2009.0/i586/libncpfs2.3-2.2.6-6.1mdv2009.0.i586.rpm
 9c327c39f9d545ca3c173851a536517f 
 2009.0/i586/libncpfs-devel-2.2.6-6.1mdv2009.0.i586.rpm
 5b346a3351ace6fbae5c16c3652bf85a 
 2009.0/i586/ncpfs-2.2.6-6.1mdv2009.0.i586.rpm 
 77297646ddaf605e80f3c142a7d64ff9 
 2009.0/SRPMS/ncpfs-2.2.6-6.1mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 b93bc582369a4c2c1b2cfc7997c669b0 
 2009.0/x86_64/ipxutils-2.2.6-6.1mdv2009.0.x86_64.rpm
 3818472d1b6b13f92b4442ebf66ff759 
 2009.0/x86_64/lib64ncpfs2.3-2.2.6-6.1mdv2009.0.x86_64.rpm
 b65f979659537eea71a0bf5aed8bb51e 
 2009.0/x86_64/lib64ncpfs-devel-2.2.6-6.1mdv2009.0.x86_64.rpm
 e5653f0217fd5f1eac98fa73e0461b69 
 2009.0/x86_64/ncpfs-2.2.6-6.1mdv2009.0.x86_64.rpm 
 77297646ddaf605e80f3c142a7d64ff9 
 2009.0/SRPMS/ncpfs-2.2.6-6.1mdv2009.0.src.rpm

 Mandriva Linux 2009.1:
 e8f56a6a880cdc15d458e6e8a20a52eb 
 2009.1/i586/ipxutils-2.2.6-7.1mdv2009.1.i586.rpm
 c07d1d8e5c5dd5209ee155cc8640e6b4 
 2009.1/i586/libncpfs2.3-2.2.6-7.1mdv2009.1.i586.rpm
 2a8c1675cd884a547ad2a0fc5341a4ad 
 2009.1/i586/libncpfs-devel-2.2.6-7.1mdv2009.1.i586.rpm
 e2e3cfbd6dca2bc0f8d2e47cbcf4776d 
 2009.1/i586/ncpfs-2.2.6-7.1mdv2009.1.i586.rpm 
 760c022204aa3844bca01a48e4611a56 
 2009.1/SRPMS/ncpfs-2.2.6-7.1mdv2009.1.src.rpm

 Mandriva Linux 2009.1/X86_64:
 3e55e05e18be76bf12b8ecc3b3da8179 
 2009.1/x86_64/ipxutils-2.2.6-7.1mdv2009.1.x86_64.rpm
 c8ff45436bf99a5843b34e09efb110da 
 2009.1/x86_64/lib64ncpfs2.3-2.2.6-7.1mdv2009.1.x86_64.rpm
 47553e4562b5e97514cfc004229ce478 
 2009.1/x86_64/lib64ncpfs-devel-2.2.6-7.1mdv2009.1.x86_64.rpm
 8e3da74c354192f6cd19289650127375 
 2009.1/x86_64/ncpfs-2.2.6-7.1mdv2009.1.x86_64.rpm 
 760c022204aa3844bca01a48e4611a56 
 2009.1/SRPMS/ncpfs-2.2.6-7.1mdv2009.1.src.rpm

 Mandriva Linux 2010.0:
 8045994efc194fab3ae8e5f370032295 
 2010.0/i586/ipxutils-2.2.6-7.1mdv2010.0.i586.rpm
 80a95d2ead994ea5ca6061f2fa928387 
 2010.0/i586/libncpfs2.3-2.2.6-7.1mdv2010.0.i586.rpm
 6dad82999e3fb3076a61bca8f0ba4b78 
 2010.0/i586/libncpfs-devel-2.2.6-7.1mdv2010.0.i586.rpm
 acc4178fb24d52d9a46a3689a7c89728 
 2010.0/i586/ncpfs-2.2.6-7.1mdv2010.0.i586.rpm 
 2902291f88fdafee74953764f9afec2d 
 2010.0/SRPMS/ncpfs-2.2.6-7.1mdv2010.0.src.rpm

 Mandriva Linux 2010.0/X86_64:
 2623a234081a5ec10538ec558d6ed244 
 2010.0/x86_64/ipxutils-2.2.6-7.1mdv2010.0.x86_64.rpm
 e3429417b662c779913a2f5765ebc8a1 
 2010.0/x86_64/lib64ncpfs2.3-2.2.6-7.1mdv2010.0.x86_64.rpm
 2bf1febb0dd03dd948a439ace7f6d55d 
 2010.0/x86_64/lib64ncpfs-devel-2.2.6-7.1mdv2010.0.x86_64.rpm
 731db0f031912da255cb11f8434d4211 
 2010.0/x86_64/ncpfs-2.2.6-7.1mdv2010.0.x86_64.rpm 
 2902291f88fdafee74953764f9afec2d 
 2010.0/SRPMS/ncpfs-2.2.6-7.1mdv2010.0.src.rpm

 Corporate 4.0:
 01ef41a498ae344662d3867f151b702c 
 corporate/4.0/i586/ipxutils-2.2.6-1.1.20060mlcs4.i586.rpm
 3bd95f150e9fe2146d2544a420b5e7be 
 corporate/4.0/i586/libncpfs2.3-2.2.6-1.1.20060mlcs4.i586.rpm
 47c3c47344f79acdba5cc70c7fe852db 
 corporate/4.0/i586/libncpfs2.3-devel-2.2.6-1.1.20060mlcs4.i586.rpm
 306f96b3cc985c4f4df1803861eb672a 
 corporate/4.0/i586/ncpfs-2.2.6-1.1.20060mlcs4.i586.rpm 
 8b52955c0e46311fe722d1f2f4ed53b6 
 corporate/4.0/SRPMS/ncpfs-2.2.6-1.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 7ac3e80a0d63658b20de316b0ea5e2a8 
 corporate/4.0/x86_64/ipxutils-2.2.6-1.1.20060mlcs4.x86_64.rpm
 853743d1d83018a48402d9f9b75eaeec 
 corporate/4.0/x86_64/lib64ncpfs2.3-2.2.6-1.1.20060mlcs4.x86_64.rpm
 61ae87e4d1915383ae010779830d925d 
 corporate/4.0/x86_64/lib64ncpfs2.3-devel-2.2.6-1.1.20060mlcs4.x86_64.rpm
 98150603959f80d8490e7ec6603f1af2 
 corporate/4.0/x86_64/ncpfs-2.2.6-1.1.20060mlcs4.x86_64.rpm 
 8b52955c0e46311fe722d1f2f4ed53b6 
 corporate/4.0/SRPMS/ncpfs-2.2.6-1.1.20060mlcs4.src.rpm

 Mandriva Enterprise Server 5:
 c771cf95d72e094d973e779287c0a667  mes5/i586/ipxutils-2.2.6-6.1mdvmes5.i586.rpm
 e7f41aa4a0a1a403a129cbda865c5aaa 
 mes5/i586/libncpfs2.3-2.2.6-6.1mdvmes5.i586.rpm
 a0d5385b21647c93bc4d33176df6900a 
 mes5/i586/libncpfs-devel-2.2.6-6.1mdvmes5.i586.rpm
 d6afd05c0ea009a8f4dab8bd6ab1ad62  mes5/i586/ncpfs-2.2.6-6.1mdvmes5.i586.rpm 
 f0658c582b75e52910f0a7495dc74b63  mes5/SRPMS/ncpfs-2.2.6-6.1mdvmes5.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 5985a3c79bce9be6f417e7d9444d76c5 
 mes5/x86_64/ipxutils-2.2.6-6.1mdvmes5.x86_64.rpm
 7ab42ff1233f921c5a103916e7a935c0 
 mes5/x86_64/lib64ncpfs2.3-2.2.6-6.1mdvmes5.x86_64.rpm
 90a089d664adc4c1bb809673c647ad3c 
 mes5/x86_64/lib64ncpfs-devel-2.2.6-6.1mdvmes5.x86_64.rpm
 0e565bd41ada6d02dc9f648ad9310420 
 mes5/x86_64/ncpfs-2.2.6-6.1mdvmes5.x86_64.rpm 
 f0658c582b75e52910f0a7495dc74b63  mes5/SRPMS/ncpfs-2.2.6-6.1mdvmes5.src.rpm

 Multi Network Firewall 2.0:
 4d694e66271273fce6efec1a5405407c 
 mnf/2.0/i586/ipxutils-2.2.6-0.2.M20mdk.i586.rpm
 6dc480f65fec20068d55ce4c27a389c1 
 mnf/2.0/i586/libncpfs2.3-2.2.6-0.2.M20mdk.i586.rpm
 9adff7bcce1140138e7cc11c3386c893 
 mnf/2.0/i586/libncpfs2.3-devel-2.2.6-0.2.M20mdk.i586.rpm
 e5bd02b2b8e551faa39ccfdb21ec2065  mnf/2.0/i586/ncpfs-2.2.6-0.2.M20mdk.i586.rpm
 
 2f6be25e1b19df9c30f69b2efb96bebc  mnf/2.0/SRPMS/ncpfs-2.2.6-0.2.M20mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFLhAN2mqjQ0CJFipgRApdWAJ9jUZjWv99/Qif8Z7JK1TyXwUJeNgCgtOVK
9mbsAaAkkLmbI09GfJ72TGc=
=SbNo
-----END PGP SIGNATURE-----


------------=_1266955221-24326-5096
Content-Type: text/plain; name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva? 
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________

------------=_1266955221-24326-5096--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung