drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Rechteprüfung in nfs-utils
| Name: |
Mangelnde Rechteprüfung in nfs-utils |
|
| ID: |
MDVSA-2009:060 |
|
| Distribution: |
Mandriva |
|
| Plattformen: |
Mandriva Corporate 3.0, Mandriva Multi Network Firewall 2.0, Mandriva Corporate 4.0, Mandriva 2008.0, Mandriva 2008.1 |
|
| Datum: |
Sa, 28. Februar 2009, 01:51 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4552 |
|
| Applikationen: |
Linux NFS Utilities |
|
Originalnachricht |
This is a multi-part message in MIME format...
------------=_1235782269-6173-1749
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2009:060
http://www.mandriva.com/security/
_______________________________________________________________________
Package : nfs-utils
Date : February 27, 2009
Affected: 2008.0, 2008.1, Corporate 3.0, Corporate 4.0,
Multi Network Firewall 2.0
_______________________________________________________________________
Problem Description:
A security vulnerability has been identified and fixed in nfs-utils,
which caused TCP Wrappers to ignore netgroups and allows remote
attackers to bypass intended access restrictions (CVE-2008-4552).
The updated packages have been patched to prevent this.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4552
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2008.0:
a3309e26384dea89035a13a195eb65a9
2008.0/i586/nfs-utils-1.1.0-12.2mdv2008.0.i586.rpm
e17379b66c0dc927eadf8b4bde947968
2008.0/i586/nfs-utils-clients-1.1.0-12.2mdv2008.0.i586.rpm
649c040e97748f0f6a9333f1cc07cb4e
2008.0/SRPMS/nfs-utils-1.1.0-12.2mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
2768e3374f20d4d87b38dc0ee53913ec
2008.0/x86_64/nfs-utils-1.1.0-12.2mdv2008.0.x86_64.rpm
24afc643d2054f10341cc8d60abfd10e
2008.0/x86_64/nfs-utils-clients-1.1.0-12.2mdv2008.0.x86_64.rpm
649c040e97748f0f6a9333f1cc07cb4e
2008.0/SRPMS/nfs-utils-1.1.0-12.2mdv2008.0.src.rpm
Mandriva Linux 2008.1:
2978448adef1e93fbb4992d58820283b
2008.1/i586/nfs-utils-1.1.1-9.2mdv2008.1.i586.rpm
94eb52f51949963cdb5b24d0aaaa5c13
2008.1/i586/nfs-utils-clients-1.1.1-9.2mdv2008.1.i586.rpm
7ed31ae2518e1b4cd97be3003bb52a21
2008.1/SRPMS/nfs-utils-1.1.1-9.2mdv2008.1.src.rpm
Mandriva Linux 2008.1/X86_64:
fb099b1f8573176244a6b207c499e434
2008.1/x86_64/nfs-utils-1.1.1-9.2mdv2008.1.x86_64.rpm
99fc35580bddc26bbdadc93f3793d1d2
2008.1/x86_64/nfs-utils-clients-1.1.1-9.2mdv2008.1.x86_64.rpm
7ed31ae2518e1b4cd97be3003bb52a21
2008.1/SRPMS/nfs-utils-1.1.1-9.2mdv2008.1.src.rpm
Corporate 3.0:
bc15fd3bacccf814267569fce8bcf622
corporate/3.0/i586/nfs-utils-1.0.6-2.3.100mdk.i586.rpm
63e3c3bee48bbc938b3c31b8372aaf9e
corporate/3.0/i586/nfs-utils-clients-1.0.6-2.3.100mdk.i586.rpm
59f637b4fcab268c69be5b0d64cf3832
corporate/3.0/SRPMS/nfs-utils-1.0.6-2.3.100mdk.src.rpm
Corporate 3.0/X86_64:
3f202c3a455a9775a542a774c6792869
corporate/3.0/x86_64/nfs-utils-1.0.6-2.3.100mdk.x86_64.rpm
15423ecfeb635a96f4d081c067008f35
corporate/3.0/x86_64/nfs-utils-clients-1.0.6-2.3.100mdk.x86_64.rpm
59f637b4fcab268c69be5b0d64cf3832
corporate/3.0/SRPMS/nfs-utils-1.0.6-2.3.100mdk.src.rpm
Corporate 4.0:
859988bb3dd95155e7caea5310011132
corporate/4.0/i586/nfs-utils-1.0.9-0.1.20060mlcs4.i586.rpm
13a3dd01587c8299acf81dfe8b26ea78
corporate/4.0/i586/nfs-utils-clients-1.0.9-0.1.20060mlcs4.i586.rpm
cffaae7696e36c69627296b714dec455
corporate/4.0/SRPMS/nfs-utils-1.0.9-0.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
1ebdaaffad677d35d13dfd21b7f67790
corporate/4.0/x86_64/nfs-utils-1.0.9-0.1.20060mlcs4.x86_64.rpm
f33ade5e5b007014bf849f96171f711f
corporate/4.0/x86_64/nfs-utils-clients-1.0.9-0.1.20060mlcs4.x86_64.rpm
cffaae7696e36c69627296b714dec455
corporate/4.0/SRPMS/nfs-utils-1.0.9-0.1.20060mlcs4.src.rpm
Multi Network Firewall 2.0:
9d3bbbe6e938a2065dfb68ca1631b813
mnf/2.0/i586/nfs-utils-1.0.6-2.3.100mdk.i586.rpm
56fdd741f7cb5e05bf41de1cdaab5b77
mnf/2.0/i586/nfs-utils-clients-1.0.6-2.3.100mdk.i586.rpm
299486c57905d6f988ad9828cedb0ad7
mnf/2.0/SRPMS/nfs-utils-1.0.6-2.3.100mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFJqF1FmqjQ0CJFipgRApPwAJ43DW1JoyDhHsLU4XVoB1tJG3qTlwCgthm+
18IlBv2SUmhrfSbqJiAC9qM=
=EZNq
-----END PGP SIGNATURE-----
------------=_1235782269-6173-1749
Content-Type: text/plain; name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit
To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva?
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________
------------=_1235782269-6173-1749--
|
|
|
|
