drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in Transmission
Name: |
Ausführen beliebiger Kommandos in Transmission |
|
ID: |
USN-1747-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 11.10, Ubuntu 12.04 LTS, Ubuntu 12.10 |
|
Datum: |
Mo, 25. Februar 2013, 23:30 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6129 |
|
Applikationen: |
Transmission |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============5045974777852779211== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enig85CAC8B00B03EE5B1DF3EB6C"
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig85CAC8B00B03EE5B1DF3EB6C Content-Type: text/plain; charset=ISO-8859- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-1747-1 February 25, 2013
transmission vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.10 - Ubuntu 12.04 LTS - Ubuntu 11.10
Summary:
Transmission could be made to crash or run programs if it received specially crafted network traffic.
Software Description: - transmission: lightweight BitTorrent client
Details:
It was discovered that Transmission incorrectly handled certain micro transport protocol packets. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.10: transmission-common 2.61-0ubuntu2.2
Ubuntu 12.04 LTS: transmission-common 2.51-0ubuntu1.3
Ubuntu 11.10: transmission-common 2.33-0ubuntu2.1
After a standard system update you need to restart Transmission to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-1747-1 CVE-2012-6129
Package Information: https://launchpad.net/ubuntu/+source/transmission/2.61-0ubuntu2.2 https://launchpad.net/ubuntu/+source/transmission/2.51-0ubuntu1.3 https://launchpad.net/ubuntu/+source/transmission/2.33-0ubuntu2.1
--------------enig85CAC8B00B03EE5B1DF3EB6C Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/
iQIcBAEBCgAGBQJRK3/8AAoJEGVp2FWnRL6TZbAP/0fsubzL0356lnBzBKjqNWHq 6/Z5Dk7XupaL9ZsUr42SiMT3s+zVrNCSF92pT2TXzj4fPHaWUVQhsQMBBZbx5Hq7 fvxDc00BcEBBj08bBbTFJFAereoCJVctUFmGeK0cWOVsRTxKMA9MGsEpUCiegBiL 3nXn1JLTBzDJHu86VBs5Hw7hXG2HhQVkD4zMT2FdB3Q1TaxfebI1C/xirzfGxxvO 0pfgkZE/uK9iRw31CW7EcNXA0ZBMrXkpm95BGgSxbg6vDjWTqqpdpziaT2BkW5xH RCj0lD5GPgrRZaf0sJLSl3OPIMmeqgoS6FK0/pQIrgp/EGwJlrmeG8GfisUb1Qut T6gKN/12hgY/bqyw6Kju2pqqoE8TaTk6GBafypIKmRWVAxXJ8jk3/y0OK8+DJUkS 6e/fo8RiZ8K9kbhDGGNL48WQVOfBhWIY8+UHPc5sUEHhmrKvSIauqFZZbQqGOBdi I5+7qYmKqZzom4p4cYVuI7uhntVrICXIWXAHDTssCOu/BqvJW0Qc+nZJJdpjwxCl CBLt1IK8QjEWuJwx4qrfrd7PJw4W7jgFsN+1WY2GbdDichwiihYaV+jDTQe/yq02 bWoMBg1+GW/l3XhQXPheRsQRxA48wr/XlvRxICHjWpMmZ3hZU7ZFw4Fbtgs55MTe RKx7SvNQdIemalM/BrrF =GMAE -----END PGP SIGNATURE-----
--------------enig85CAC8B00B03EE5B1DF3EB6C--
--===============5045974777852779211== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============5045974777852779211==--
|
|
|
|