drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in usb-creator
Name: |
Ausführen beliebiger Kommandos in usb-creator |
|
ID: |
USN-2576-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, Ubuntu 14.10 |
|
Datum: |
Do, 23. April 2015, 16:35 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
usb-creator |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============4859995325091415710== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="ckO6ANWIUW7M93hks6GXkuJKkE37SKFKT"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --ckO6ANWIUW7M93hks6GXkuJKkE37SKFKT Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-2576-1 April 23, 2015
usb-creator vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.10 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS
Summary:
usb-creator could be tricked into running programs as an administrator.
Software Description: - usb-creator: create a startup disk using a CD or disc image
Details:
Tavis Ormandy discovered that usb-creator was missing an authentication check. A local attacker could use this issue to gain elevated privileges.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.10: usb-creator-common 0.2.62ubuntu0.3
Ubuntu 14.04 LTS: usb-creator-common 0.2.56.3ubuntu0.1
Ubuntu 12.04 LTS: usb-creator-common 0.2.38.3ubuntu0.1
After a standard system update you need to reboot your computer to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-2576-1 https://launchpad.net/bugs/1447396
Package Information: https://launchpad.net/ubuntu/+source/usb-creator/0.2.62ubuntu0.3 https://launchpad.net/ubuntu/+source/usb-creator/0.2.56.3ubuntu0.1 https://launchpad.net/ubuntu/+source/usb-creator/0.2.38.3ubuntu0.1
--ckO6ANWIUW7M93hks6GXkuJKkE37SKFKT Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBCgAGBQJVOPZEAAoJEGVp2FWnRL6TMvYP/jJTuym58o8zMTuf50gqkU7s LM6EqxB8dbHeJGNT6MfDGjQIkNa1lmmH/SbzsgT0cnya3fCbeSAat/9dDbmx8lwH 2XIAfhXHhakDK7Vk6WoTLnlpbRjcYZY95VhXvYsvegwlQ1zC9fCGfFtgXRjMxgXX 556d+NUMJQrM9/a316PUpfANU99w7z+QylssKmqzJABh2XCPnCXZM0FWa++alHTP O9X7iurv+n9t5GnNp4hHHT0vmj7K1x1LFZGzrhv8XA8pLBX0sGoe2O7xnA1a96Lp 3L2TUxNKIta1m/vmaV/dkWMCIdTgfCI7ntQJz2enkapV2n2WC6qIliSMHTrHpobz IxBnE7kkd4QMbb4CFOeMsBDYBmsiG6xbiRhvWl2bTZ5xQiBzgy81X+rPyRfyR0Q2 fOadCqTrZOwJ/O74ZxQ20Zz8dHbpp9/ij/a6KOE+Zr/LgKngUz2Pd0n4vAGFTHxO x+AGjkt1TYkchYau2A7EMVzJ1ERErjQkaSxboUx3yv3R3cZmAYbKxTF5Nj8q20Nq +t2MB3+xBSHJJdr/i6Gq3iE/S2XSoePzrGXVYXQFt3fQThGe5BwSq81vslpY7a3f VaOT9gXqLqzUkXAL4Ccu3YxSDEBW5TTIo9HGgitj9eIRSQqesZFdWQpJwqoC9Sxu wWx9Jvq/sqS438IThHDT =1xZS -----END PGP SIGNATURE-----
--ckO6ANWIUW7M93hks6GXkuJKkE37SKFKT--
--===============4859995325091415710== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============4859995325091415710==--
|
|
|
|