drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in chkrootkit
Name: |
Ausführen beliebiger Kommandos in chkrootkit |
|
ID: |
USN-2230-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 10.04 LTS, Ubuntu 12.04 LTS, Ubuntu 13.10, Ubuntu 14.04 LTS |
|
Datum: |
Mi, 4. Juni 2014, 18:32 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0476 |
|
Applikationen: |
chkrootkit |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============4206974309687640206== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="dsImvD5CHut3ewVkXC75KGJqX8EDLJQUp"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --dsImvD5CHut3ewVkXC75KGJqX8EDLJQUp Content-Type: text/plain; charset=UTF- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-2230-1 June 04, 2014
chkrootkit vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS - Ubuntu 13.10 - Ubuntu 12.04 LTS - Ubuntu 10.04 LTS
Summary:
chkrootkit could be made to run programs as an administrator.
Software Description: - chkrootkit: rootkit detector
Details:
Thomas Stangner discovered that chkrootkit incorrectly quoted certain values. A local attacker could use this issue to execute arbitrary code when chkrootkit is run and gain root privileges.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: chkrootkit 0.49-4.1ubuntu1.14.04.1
Ubuntu 13.10: chkrootkit 0.49-4.1ubuntu1.13.10.1
Ubuntu 12.04 LTS: chkrootkit 0.49-4ubuntu1.1
Ubuntu 10.04 LTS: chkrootkit 0.49-3ubuntu0.1
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-2230-1 CVE-2014-0476
Package Information: https://launchpad.net/ubuntu/+source/chkrootkit/0.49-4.1ubuntu1.14.04.1 https://launchpad.net/ubuntu/+source/chkrootkit/0.49-4.1ubuntu1.13.10.1 https://launchpad.net/ubuntu/+source/chkrootkit/0.49-4ubuntu1.1 https://launchpad.net/ubuntu/+source/chkrootkit/0.49-3ubuntu0.1
--dsImvD5CHut3ewVkXC75KGJqX8EDLJQUp Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBCgAGBQJTjy59AAoJEGVp2FWnRL6TvfYP/3E+GrNSFhus9Rtk/VKq4uXZ DOm5hy+PisIMnsJFQHTBHarmW42v5rg6jRB5TCO3DaQvCsGjYwsGKaBa0K3VG302 A47Z1xoPcGgff5lKcjPM2Y0IJsEYwkX1Bq0LDvQpxIsbZG+lK1FbDEUO1Kpg2Jl2 7WdEts8Yr+/nLDczKN3qP+/pNBmhCu5a3sGfuAlWvS5UIhVPrfMkhzZTNXgOOcBp za5J4+GP0BWWyCOXReuAeErQoIlDhqUg+ny8+oO0AwMRH4OLoumE+mvtjU4hMzMp 652bLfaQ0yq82B9GmqFlKLv74TcAlYO1V1KLMrrFON0yI7y1StNy6G8tLqUDu78t j8al7KQ1Bwedf4oOwfIrplhnA99z/oeX3D5/6RtlhQ6F3JqPsnbx+nElHWlcHsRT c/pOUQ6yO8N4egjBV9/5yE1tw5UjTRSqbP7auggVb3kDvDqCxyRb7EXRS97kpOGZ 3Bhn8pW0mCmeZ9UkkNIidj+6Jarc3mYcwcupJZRlbRw8Qg4iogPUSS+3TvRYEfYl orSYqk3RdHfzRARLRsnJhiDSHHYfzGfK55XixAacm+UqdYnu48XNZilki+WG8YqY 8jJ3T8q0Pk5w066bVqvZoOw4JKNwMZCas2U1C4yrX+3Ri2EdD0ZG0L7Niu3n+VjG kXaZe6mgZme0i9w7d98k =Fhun -----END PGP SIGNATURE-----
--dsImvD5CHut3ewVkXC75KGJqX8EDLJQUp--
--===============4206974309687640206== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============4206974309687640206==--
|
|
|
|