Login
Newsletter
Werbung

Sicherheit: Übernahme von Eingabegeräten in BlueZ
Aktuelle Meldungen Distributionen
Name: Übernahme von Eingabegeräten in BlueZ
ID: USN-413-1
Distribution: Ubuntu
Plattformen: Ubuntu 5.10
Datum: Mi, 24. Januar 2007, 03:36
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6899
Applikationen: BlueZ

Originalnachricht


--===============0462923076==
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature";
boundary="w/VI3ydZO+RcZ3Ux"
Content-Disposition: inline


--w/VI3ydZO+RcZ3Ux
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Ubuntu Security Notice USN-413-1 January 24,
2007==========20=================================================
bluez-utils vulnerability
CVE-2006-6899
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 5.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.10:
bluez-utils 2.20-0ubuntu3.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

A flaw was discovered in the HID daemon of bluez-utils. A remote
attacker could gain control of the mouse and keyboard if hidd was
enabled. This does not affect a default Ubuntu installation, since hidd
is normally disabled.


Updated packages for Ubuntu 5.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-utils_2=
=2E20-0ubuntu3.1.dsc
Size/MD5: 650 7bb5c0c29740dfae995a55ba26d07a57
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-utils_2=
=2E20-0ubuntu3.1.tar.gz
Size/MD5: 526189 b2444d694c7511e6653a3a9cead00889

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-cups_2.=
20-0ubuntu3.1_amd64.deb
Size/MD5: 20086 3b4ed9604f7ba74d1e287614afa18cf4
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-utils_2=
=2E20-0ubuntu3.1_amd64.deb
Size/MD5: 187672 7aad0bfd925ef78d37cbeef826249c78

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-cups_2.=
20-0ubuntu3.1_i386.deb
Size/MD5: 19518 4cce6a8b87feec8426d3b2e63945c434
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-pcmcia-=
support_2.20-0ubuntu3.1_i386.deb
Size/MD5: 15604 cb8dd267df57bcb30ec3c73e180e994e
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-utils_2=
=2E20-0ubuntu3.1_i386.deb
Size/MD5: 164384 431ed3045356754cbdbb96a24a7ec0dd

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-cups_2.=
20-0ubuntu3.1_powerpc.deb
Size/MD5: 21414 72d08ff3dd99ffd8674d88fcb56bf69b
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-pcmcia-=
support_2.20-0ubuntu3.1_powerpc.deb
Size/MD5: 15610 c33bd675a14e05622c66fbb590a14442
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-utils_2=
=2E20-0ubuntu3.1_powerpc.deb
Size/MD5: 194032 3a7fbfb965ca835996aee0693307de71

sparc architecture (Sun SPARC/UltraSPARC)

http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-cups_2.=
20-0ubuntu3.1_sparc.deb
Size/MD5: 19748 39ec9668ce2e9f71c22435585086d01f
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-pcmcia-=
support_2.20-0ubuntu3.1_sparc.deb
Size/MD5: 15610 7b24e1d49ba44ad98faa243a3ea3a405
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-utils_2=
=2E20-0ubuntu3.1_sparc.deb
Size/MD5: 169410 93215bf674614af19c8709ded03a8420


--w/VI3ydZO+RcZ3Ux
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFFtsRhH/9LqRcGPm0RApa5AJ4lyOEI+av5n53+dDgOrzHYHyTdiQCfZ1WL
Wqz7gb8No7KGzhTxZAOFJqs=
=jadj
-----END PGP SIGNATURE-----

--w/VI3ydZO+RcZ3Ux--


--===============0462923076==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============0462923076==--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung