Login
Newsletter
Werbung

Sicherheit: Denial of Service in acpid
Aktuelle Meldungen Distributionen
Name: Denial of Service in acpid
ID: USN-1234-1
Distribution: Ubuntu
Plattformen: Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04
Datum: Do, 20. Oktober 2011, 22:48
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1159
Applikationen: acpid

Originalnachricht


--===============0926192294046530397==
Content-Type: multipart/signed; micalg="pgp-sha512";
protocol="application/pgp-signature";
boundary="=-pqYkg9N0Z8sAeh+/ZjYF"


--=-pqYkg9N0Z8sAeh+/ZjYF
Content-Type: text/plain; charset="UTF-8
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-1234-1
October 20, 2011

acpid vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04 LTS

Summary:

acpid could be made to stall under certain conditions.

Software Description:
- acpid: Advanced Configuration and Power Interface event daemon

Details:

Vasiliy Kulikov discovered that acpid did not properly handle connections
from poorly behaving clients. A local attacker could potentially exploit
this to cause a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.04:
acpid 1:2.0.7-1ubuntu2.1

Ubuntu 10.10:
acpid 1.0.10-5ubuntu4.1

Ubuntu 10.04 LTS:
acpid 1.0.10-5ubuntu2.2

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1234-1
CVE-2011-1159

Package Information:
https://launchpad.net/ubuntu/+source/acpid/1:2.0.7-1ubuntu2.1
https://launchpad.net/ubuntu/+source/acpid/1.0.10-5ubuntu4.1
https://launchpad.net/ubuntu/+source/acpid/1.0.10-5ubuntu2.2



--ÙqYkg9N0Z8sAeh+/ZjYF
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAABCgAGBQJOoHtAAAoJEFHb3FjMVZVz7KwP/3wb0HXzACwLrseBY26RDZI5
sl8ngwidSEJE4dgOZHsMHCP6YrsHWPkMiCHRz8dVm/TNUtG29HXZdA6KriY+SM64
DObmh13LvWO/hpKMSwNl5FdL8dvFEBvFUEDmCZmSEW0P5I8L4uY/rCaqMq7NQjHc
i5JiKY4JHmx2LEOU6C3rL51jhAJo78R3qhqmZ1hgbXLdve8sAVpOJ7BcFreCw7Zi
0uaCTbTbUe+DaQVgD1dIp+cST3GnqsEsu5+3vFH2gmG+VrgJMZmYYN4Qt7h9Z6B1
kYwbfzBnkUzyTcoYMBi6oaGVdcZBcHODqPufCfVOMqHTyoxrkRsZfAnr4AYQISTI
FGbyROKye6z4RWfHanQLxVD03scXicDtuDV9wCMegWoIERUt6MKvfHGeV1C0XVE5
OApyvreMO1STbve4PdUXNuZ1G0at5y52pYJMepD9xCo4wSB6mkMT4ztukLVDU/3t
i/HIKlCYaZuVKbIql+3ZoWipHj+rBHq0i94SffOspX8j8wFukT2jm8SB1ZD2yFJa
BZlP7n55MFDbpfJwMcl9itrLaUW3BZxYl7tRjEFmqcPtxTRHx+PC82FG/7+P+IKA
LGo+X780+77AOeuQPQqAzLJ2CVGKqgGgO/dTAyH0ScHgfriKf/ps9G1TmmkT3cVN
1UrhKHS81zjQB1o2k8J2
=HBJY
-----END PGP SIGNATURE-----

--=-pqYkg9N0Z8sAeh+/ZjYF--



--===============0926192294046530397==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============0926192294046530397==--
Pro-Linux
Pro-Linux @Twitter
Neue Nachrichten
Werbung