drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in x11-xserver-utils
Name: |
Ausführen beliebiger Kommandos in x11-xserver-utils |
|
ID: |
USN-1107-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 8.04 LTS, Ubuntu 9.10, Ubuntu 10.04 LTS, Ubuntu 10.10 |
|
Datum: |
Do, 7. April 2011, 11:41 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0465 |
|
Applikationen: |
x11-xserver-utils |
|
Originalnachricht |
--===============6916331566314548169== Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-vcvL/YuM3Um/fqb3DOgj"
--=-vcvL/YuM3Um/fqb3DOgj Content-Type: text/plain; charset="UTF-8 Content-Transfer-Encoding: quoted-printable
=========================================================== Ubuntu Security Notice USN-1107-1 April 06, 2011 x11-xserver-utils vulnerability CVE-2011-0465 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 8.04 LTS Ubuntu 9.10 Ubuntu 10.04 LTS Ubuntu 10.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 8.04 LTS: x11-xserver-utils 7.3+2ubuntu0.1
Ubuntu 9.10: x11-xserver-utils 7.4+2ubuntu3.1
Ubuntu 10.04 LTS: x11-xserver-utils 7.5+1ubuntu2.1
Ubuntu 10.10: x11-xserver-utils 7.5+2ubuntu1.1
After a standard system update you need to reboot your computer to make all the necessary changes.
Details follow:
Sebastian Krahmer discovered that the xrdb utility incorrectly filtered crafted hostnames. An attacker could use this flaw with a malicious DHCP server or with a remote xdmcp login and execute arbitrary code, resulting in root privilege escalation.
Updated packages for Ubuntu 8.04 LTS:
Source archives:
x11-xserver-utils_7.3+2ubuntu0.1.dsc Size/MD5: 1855 ed72ba7905552c8ad970eb9b6ea65735 x11-xserver-utils_7.3+2ubuntu0.1.tar.gz Size/MD5: 1993520 fbcfdc97544d06d5956b553f154024a9
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
x11-xserver-utils_7.3+2ubuntu0.1_amd64.deb Size/MD5: 188578 55c51ac356a4c206986993426ef9c89a
i386 architecture (x86 compatible Intel/AMD):
x11-xserver-utils_7.3+2ubuntu0.1_i386.deb Size/MD5: 173526 cff268921d0c6c4b0be4bd053c7a32ca
lpia architecture (Low Power Intel Architecture):
x11-xserver-utils_7.3+2ubuntu0.1_lpia.deb Size/MD5: 174206 537c0ee33f027fe77b2d988a19addc98
powerpc architecture (Apple Macintosh G3/G4/G5):
x11-xserver-utils_7.3+2ubuntu0.1_powerpc.deb Size/MD5: 223124 32704bc7de76ad266f152cd26a20799c
sparc architecture (Sun SPARC/UltraSPARC):
x11-xserver-utils_7.3+2ubuntu0.1_sparc.deb Size/MD5: 178220 ef7a7a8d0342e3453b00ee574c7f6f8e
Updated packages for Ubuntu 9.10:
Source archives:
x11-xserver-utils_7.4+2ubuntu3.1.dsc Size/MD5: 2098 a8f51b5ddeb65b629fb7d3e37921bdb7 x11-xserver-utils_7.4+2ubuntu3.1.tar.gz Size/MD5: 2027496 28363c3d291c9f299e40757abbd2ec11
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
x11-xserver-utils_7.4+2ubuntu3.1_amd64.deb Size/MD5: 204686 4c3899eabc2a94b9e3885e61aa8b435d
i386 architecture (x86 compatible Intel/AMD):
x11-xserver-utils_7.4+2ubuntu3.1_i386.deb Size/MD5: 187160 a4493402abed14adba7e186e33117d86
armel architecture (ARM Architecture):
x11-xserver-utils_7.4+2ubuntu3.1_armel.deb Size/MD5: 189234 4d203c561b9c8fe91b50099e8c87cc11
lpia architecture (Low Power Intel Architecture):
x11-xserver-utils_7.4+2ubuntu3.1_lpia.deb Size/MD5: 185760 7acee417b2aee7c54ff7f3eed1301a9e
powerpc architecture (Apple Macintosh G3/G4/G5):
x11-xserver-utils_7.4+2ubuntu3.1_powerpc.deb Size/MD5: 197428 4e7151586bc4139098c820c1d1b812a3
sparc architecture (Sun SPARC/UltraSPARC):
x11-xserver-utils_7.4+2ubuntu3.1_sparc.deb Size/MD5: 196292 29e6bf5806bf8a492dbde60e48281fae
Updated packages for Ubuntu 10.04 LTS:
Source archives:
x11-xserver-utils_7.5+1ubuntu2.1.dsc Size/MD5: 2053 af668fc46b52cbbb8fce94579db91662 x11-xserver-utils_7.5+1ubuntu2.1.tar.gz Size/MD5: 2017972 d68d1519793de89571ed5c78eae9dd1c
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
x11-xserver-utils_7.5+1ubuntu2.1_amd64.deb Size/MD5: 185406 db3596b0abcd26fe8569687bf790d016
i386 architecture (x86 compatible Intel/AMD):
x11-xserver-utils_7.5+1ubuntu2.1_i386.deb Size/MD5: 170078 7e6ea917d730b4b54bba69e4e3df533c
armel architecture (ARM Architecture):
x11-xserver-utils_7.5+1ubuntu2.1_armel.deb Size/MD5: 171114 a3281fd14dea567b7879ebe2c5782087
powerpc architecture (Apple Macintosh G3/G4/G5):
x11-xserver-utils_7.5+1ubuntu2.1_powerpc.deb Size/MD5: 180332 eb5deb911bd3098f6969e4c758bc5a07
sparc architecture (Sun SPARC/UltraSPARC):
x11-xserver-utils_7.5+1ubuntu2.1_sparc.deb Size/MD5: 182876 98a7170dd299c3d54b7d1b38f43e1058
Updated packages for Ubuntu 10.10:
Source archives:
x11-xserver-utils_7.5+2ubuntu1.1.dsc Size/MD5: 2050 89b42bbb00b6f26578c875da2b0fd26c x11-xserver-utils_7.5+2ubuntu1.1.tar.gz Size/MD5: 2114046 fd0986fe6eced94861a5b5d012ee5e0b
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
x11-xserver-utils_7.5+2ubuntu1.1_amd64.deb Size/MD5: 185918 70308628801d2bca8c67d2941422e4fe
i386 architecture (x86 compatible Intel/AMD):
x11-xserver-utils_7.5+2ubuntu1.1_i386.deb Size/MD5: 170444 3da72942a1f2351e1f2d9616402b3f9a
armel architecture (ARM Architecture):
x11-xserver-utils_7.5+2ubuntu1.1_armel.deb Size/MD5: 180638 dfef48402643a2c0d6d718db0023dcb7
powerpc architecture (Apple Macintosh G3/G4/G5):
x11-xserver-utils_7.5+2ubuntu1.1_powerpc.deb Size/MD5: 180626 9e15d1f000b142344835c57179307227
--ßcvL/YuM3Um/fqb3DOgj Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABCgAGBQJNnLRrAAoJEGVp2FWnRL6TtSMQALuI6cEYUMzFvQEEvIH00yPV D+PHKFr9Jtrz0k047TetPPP+o9g5XjiR7R3q3XbuQ4tASW8pPG2yTR6GapdQiirj wD9hRq02pVp0qkcQ3+T81/zPzsrynfm03NQXcQgFuoxQIEKUc1xC9xMJUJGmPJ0u Fe8FLe3FH8SoD5uRYBNkTlpvyg7ISNxVUOLmN8tztHpxGhcFOIbzmurcGdD4tfUL 7kw3JfAZe6pvgJc7Qf6D3Fxgbl4PLhNgscVu8B2Eah4IPdFnGIkdI32akg2xGmTD ZVHJ4mfWM2sxz0j4Jvy+I2YYHhxT1PT1Xh5TN6HOSnXtyVyd5ODb8AfTKhQQAOxG hrX7Ze3j4EmG/b8+wKQrlkjXbF8PGBf2DnJal8+7zAiAkAcVeu5B1/vvwYALDhuU 1sJ5PgA3KK39qTpzadjp0oDKX4G1RdizukaLcmNmmASzLDUHa+gZSuzLniUiu0iP c+lguCXJSokY+SnRgv7j/8JyLjapLAJG9UxDUUZpoHFx0HVdtcG3hK6rnXjCbexX 6XrA9MbN7lCsBhfwgZOU4q9qYz5tHVoyu74HCFMJSFbbtvi6ZYfLYAyozI0WXuw9 boc0wiPOyeG22MVQOsEwBgnnhFlW8NpLI4ld4Mo4zGmJFuMHLtUvmux2boW489hK aLPdRpa2KRvXm851yRe0 =zysh -----END PGP SIGNATURE-----
--=-vcvL/YuM3Um/fqb3DOgj--
--===============6916331566314548169== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============6916331566314548169==--
|
|
|
|