drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in cifs-utils
Name: |
Denial of Service in cifs-utils |
|
ID: |
USN-1226-2 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 10.10, Ubuntu 11.04 |
|
Datum: |
Mi, 5. Oktober 2011, 07:24 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1678
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2724 |
|
Applikationen: |
cifs-utils |
|
Originalnachricht |
--===============7468540522578374557== Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-PLJBX+iCv48gCgCKdrky"
--=-PLJBX+iCv48gCgCKdrky Content-Type: text/plain; charset="UTF-8 Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-1226-2 October 04, 2011
cifs-utils vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.04 - Ubuntu 10.10
Summary:
An attacker could trick cifs-utils into corrupting the system mtab file.
Software Description: - cifs-utils: Common Internet File System utilities
Details:
Dan Rosenberg discovered that cifs-utils incorrectly handled changes to the mtab file. A local attacker could use this issue to corrupt the mtab file, possibly leading to a denial of service. (CVE-2011-1678)
Jan Lieskovsky discovered that cifs-utils incorrectly filtered certain strings being added to the mtab file. A local attacker could use this issue to corrupt the mtab file, possibly leading to a denial of service. (CVE-2011-2724)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 11.04: smbfs 2:4.5-2ubuntu0.11.04.1
Ubuntu 10.10: smbfs 2:4.5-2ubuntu0.10.10.1
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-1226-2 http://www.ubuntu.com/usn/usn-1226-1 CVE-2011-1678, CVE-2011-2724
Package Information: https://launchpad.net/ubuntu/+source/cifs-utils/2:4.5-2ubuntu0.11.04.1 https://launchpad.net/ubuntu/+source/cifs-utils/2:4.5-2ubuntu0.10.10.1
--ÙLJBX+iCv48gCgCKdrky Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABCgAGBQJOi2quAAoJEGVp2FWnRL6TJKgQAJiSoFv8KPjGTWHDO4MbrkiN KQ0FcQgL9oZflHX/AXALHSYu2FYaXGdpYFL8MVSXClUK84o9RxzzVv0LR2Ha0Vpz X28ZG58Yi7zdst9butAe0yJoRVJ3vekLBhl3+2P54sqL+ybXnjkrE+SGkdX1mbY1 UDixMJzsgjdeznkp3L6PagCsOxi195LnFuYU5cE6z+d0elZtLlWiGLmpPtCjdTmg nTF/TmDBG+XxiLcKg7/S+3i98DqT9RPIEEW53Urv3l++w7wyvgkINivnyuoyzy/b QtlW/SRJPSWTeUk8i1XYdNR7kzL0mU7XLNOaTMGCi9XQ5iMQZSXwy0GVI92v/CvN hdXty49W1Z4CCkyJ30B1FuOMdG2yAlot0607ppvOEMfHWlL47Rg80Tpb+bbd0Nyc gqUCGyorSlvdOS/7SOscXfK267b6oinuSxcneU1Ag1WMqSITRRNSjirZxgi8I/u7 dz7nY8lsEJA1kTrlcgh9EJVqEkF+xml1fC+iYDqMbX3qzS1RfArljyoy2Wm2FD8C 3dRr68FDBaoKB4MfcxF/+Fz70hD8GNbiqYSX9zVec2iaw2oJ9AwuZGe66NOoQSo4 rIlZE33tfBPYbG5DvbBhQfmOK1zRn4fprIuGKn+abJ4G19b3n/sgDeZeuFvmJIbe tT33txpvBs2wNrF47Mpt =j/Op -----END PGP SIGNATURE-----
--=-PLJBX+iCv48gCgCKdrky--
--===============7468540522578374557== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============7468540522578374557==--
|
|
|
|