drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in usb-creator
| Name: |
Ausführen beliebiger Kommandos in usb-creator |
|
| ID: |
USN-2576-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, Ubuntu 14.10 |
|
| Datum: |
Do, 23. April 2015, 16:35 |
|
| Referenzen: |
Keine Angabe |
|
| Applikationen: |
usb-creator |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============4859995325091415710==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="ckO6ANWIUW7M93hks6GXkuJKkE37SKFKT"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--ckO6ANWIUW7M93hks6GXkuJKkE37SKFKT
Content-Type: text/plain; charset=utf-
Content-Transfer-Encoding: quoted-printable
==========================================================================
Ubuntu Security Notice USN-2576-1
April 23, 2015
usb-creator vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
usb-creator could be tricked into running programs as an administrator.
Software Description:
- usb-creator: create a startup disk using a CD or disc image
Details:
Tavis Ormandy discovered that usb-creator was missing an authentication
check. A local attacker could use this issue to gain elevated privileges.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.10:
usb-creator-common 0.2.62ubuntu0.3
Ubuntu 14.04 LTS:
usb-creator-common 0.2.56.3ubuntu0.1
Ubuntu 12.04 LTS:
usb-creator-common 0.2.38.3ubuntu0.1
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2576-1
https://launchpad.net/bugs/1447396
Package Information:
https://launchpad.net/ubuntu/+source/usb-creator/0.2.62ubuntu0.3
https://launchpad.net/ubuntu/+source/usb-creator/0.2.56.3ubuntu0.1
https://launchpad.net/ubuntu/+source/usb-creator/0.2.38.3ubuntu0.1
--ckO6ANWIUW7M93hks6GXkuJKkE37SKFKT
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJVOPZEAAoJEGVp2FWnRL6TMvYP/jJTuym58o8zMTuf50gqkU7s
LM6EqxB8dbHeJGNT6MfDGjQIkNa1lmmH/SbzsgT0cnya3fCbeSAat/9dDbmx8lwH
2XIAfhXHhakDK7Vk6WoTLnlpbRjcYZY95VhXvYsvegwlQ1zC9fCGfFtgXRjMxgXX
556d+NUMJQrM9/a316PUpfANU99w7z+QylssKmqzJABh2XCPnCXZM0FWa++alHTP
O9X7iurv+n9t5GnNp4hHHT0vmj7K1x1LFZGzrhv8XA8pLBX0sGoe2O7xnA1a96Lp
3L2TUxNKIta1m/vmaV/dkWMCIdTgfCI7ntQJz2enkapV2n2WC6qIliSMHTrHpobz
IxBnE7kkd4QMbb4CFOeMsBDYBmsiG6xbiRhvWl2bTZ5xQiBzgy81X+rPyRfyR0Q2
fOadCqTrZOwJ/O74ZxQ20Zz8dHbpp9/ij/a6KOE+Zr/LgKngUz2Pd0n4vAGFTHxO
x+AGjkt1TYkchYau2A7EMVzJ1ERErjQkaSxboUx3yv3R3cZmAYbKxTF5Nj8q20Nq
+t2MB3+xBSHJJdr/i6Gq3iE/S2XSoePzrGXVYXQFt3fQThGe5BwSq81vslpY7a3f
VaOT9gXqLqzUkXAL4Ccu3YxSDEBW5TTIo9HGgitj9eIRSQqesZFdWQpJwqoC9Sxu
wWx9Jvq/sqS438IThHDT
=1xZS
-----END PGP SIGNATURE-----
--ckO6ANWIUW7M93hks6GXkuJKkE37SKFKT--
--===============4859995325091415710==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============4859995325091415710==--
|
|
|
|
