Login
Newsletter
Werbung

Sicherheit: Überschreiben von Dateien in base-files
Aktuelle Meldungen Distributionen
Name: Überschreiben von Dateien in base-files
ID: USN-3748-1
Distribution: Ubuntu
Plattformen: Ubuntu 18.04 LTS
Datum: Di, 21. August 2018, 16:47
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6557
Applikationen: base-files

Originalnachricht

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============8779610269571458580==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="pAxyHw1zBDB820lYNEbNVyRC4i6o8jyEg"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--pAxyHw1zBDB820lYNEbNVyRC4i6o8jyEg
Content-Type: multipart/mixed;
boundary="vRYBZeTIXYoEoH0mtb9cCgkpVOhEGHrNH";
protected-headers="v1"
From: Marc Deslauriers <marc.deslauriers@canonical.com>
Reply-To: Ubuntu Security <security@ubuntu.com>
To: ubuntu-security-announce@lists.ubuntu.com
Message-ID: <46f340de-d367-17e3-f5da-a7c72ff19957@canonical.com>
Subject: [USN-3748-1] base-files vulnerability

--vRYBZeTIXYoEoH0mtb9cCgkpVOhEGHrNH
Content-Type: text/plain; charset=utf-8
Content-Language: en-C
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-3748-1
August 21, 2018

base-files vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

base-files could be made to hang or overwrite files as the administrator.

Software Description:
- base-files: Debian base system miscellaneous files

Details:

Sander Bos discovered that the MOTD update script incorrectly handled
temporary files. A local attacker could use this issue to cause a denial of
service, or possibly escalate privileges if kernel symlink restrictions
were disabled.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
base-files 10.1ubuntu2.2

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/usn/usn-3748-1
CVE-2018-6557

Package Information:
https://launchpad.net/ubuntu/+source/base-files/10.1ubuntu2.2


--vRYBZeTIXYoEoH0mtb9cCgkpVOhEGHrNH--

--pAxyHw1zBDB820lYNEbNVyRC4i6o8jyEg
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlt8FbsACgkQZWnYVadE
vpMxyw/9Fn0D/yviss7G7nSLSPPcnzB//d6ANyNdfdg4DmKD/e5BBeyUie25Ij2B
3t5FFhvjfsNGkvIolwVUw0hwB9vDBpVyK7E+r20rEZlHr/ARDv5Gr46rDRU3G8lp
4r4K2QdJU53mOYf9iTHkG7c67ZqZbZSdztIX+TtBRDE7kW24bmELnYLVR8GVU7Vb
IU7yWOEWQ4kNSI28D1DkgzRTkLtnxIMPGFYcqFOwjnWT6uD3PXRYdYBP1rv5zxL4
YOW5kOjGPbw1IrShelUh5cul2dI/6Y9YAIajbcndoQmGrbXZNhBw+7kDpSarwDAA
3R+zcP/0/2+WMqYXd8MQfCazwvHtJ64FSplHTk4BQgYn9xwHgbsIqgBgwuUdXyL0
2C/2FSHD+6HoSOErBfdng1DcIzNEr6mK+Sfd6ijkXWHreEkxa1eBJSdURAmoCcgB
1XuNbnhRA6Vq1OR0JGdQAwdyX8zgWTaF+M/hcWpFyINNfv/bbn55JFgpW+2E2y+J
Dij3wmiRXkXkBo8ywd3zdb2G52o4wB8g9ncwUd3ZEDYBal6+8FVIBtbjI7undd2q
e0FRw/EycsGfURQtCyb4RoZ1AA61swCb1ZQN/BT23ppKTkaulo/kf86i2wHjpZ6b
0GM3xesESiNNud2wAkJnlaQSWMN0hx5lUciD/Vin5/Fwek0rhBA=
=Hbc0
-----END PGP SIGNATURE-----

--pAxyHw1zBDB820lYNEbNVyRC4i6o8jyEg--


--===============8779610269571458580==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5
LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl
IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj
dXJpdHktYW5ub3VuY2UK

--===============8779610269571458580==--
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung