|
ID: |
TLSA-2005-82 |
|
Distribution: |
TurboLinux |
|
Plattformen: |
Turbolinux 10 Server, Turbolinux 7 Server, Turbolinux 7 Workstation, Turbolinux 8 Server, Turbolinux 8 Workstation, Turbolinux Appliance Server 1.0 Hosting Edition, Turbolinux Appliance Server 1.0 Workgroup Edition |
|
Datum: |
Sa, 3. September 2005, 03:50 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2390 |
|
Applikationen: |
ProFTPD |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
--------------------------------------------------------------------------
Turbolinux Security Advisory TLSA-2005-82
http://www.turbolinux.co.jp/security/
security-team@turbolinux.co.jp
--------------------------------------------------------------------------
Original released date: 09 Aug 2005
Last revised: 09 Aug 2005
Package: proftpd
Summary: Format String Vulnerability
More information:
ProFTPD grew out of the desire to have a secure and configurable FTP server,
and out of a significant admiration of the Apache web server.
Multiple format string vulnerabilities exist in ProFTPD.
Impact:
These vulerabilities allow remote attackers to cause a denial of service.
Affected Products:
- Turbolinux Appliance Server 1.0 Hosting Edition
- Turbolinux Appliance Server 1.0 Workgroup Edition
- Turbolinux 10 Server
- Turbolinux 8 Server
- Turbolinux 8 Workstation
- Turbolinux 7 Server
- Turbolinux 7 Workstation
Solution:
Please use the turbopkg (zabom) tool to apply the update.
---------------------------------------------
[Turbolinux 10 Server]
# turbopkg
or
# zabom -u proftpd
[other]
# turbopkg
or
# zabom update proftpd
---------------------------------------------
Source Packages
Size: MD5
proftpd-1.2.9-9.src.rpm
827748 6acd3ab3fa8fad27878ee797e33ce122
Binary Packages
Size: MD5
proftpd-1.2.9-9.i586.rpm
498678 274232b6f3be14aba26a4d4e923c1a01
Source Packages
Size: MD5
proftpd-1.2.8-7.src.rpm
793488 16adf5f28a8378eeb31faa420079c5e4
Binary Packages
Size: MD5
proftpd-1.2.8-7.i586.rpm
494654 732b8779c2a529a0b6121998fdd514f4
Source Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/proftpd-1.2.9-9.src.rpm
827748 d2992b6c25ec2c77d8689edac2084ea8
Binary Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/proftpd-1.2.9-9.i586.rpm
497537 9d51d51f8700ddb202a1904e36611e60
Source Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/proftpd-1.2.8-7.src.rpm
793488 0546d9472f997d609d81b619455845ef
Binary Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/proftpd-1.2.8-7.i586.rpm
494697 a3cdc7aa6e97cb94eb1905efeb5833cd
Source Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/SRPMS/proftpd-1.2.8-7.src.rpm
793488 a179043adc2182173f4fe2ef094c8493
Binary Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/proftpd-1.2.8-7.i586.rpm
494689 9234a0beed1f839107ef7cf6d8cdc85c
Source Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/SRPMS/proftpd-1.2.8-7.src.rpm
793488 dbf025d2575461e97e268ee87dc6d6d5
Binary Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/proftpd-1.2.8-7.i586.rpm
486959 6f2fadd23c0fc7898626bde18e6e5cd8
Source Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/SRPMS/proftpd-1.2.8-7.src.rpm
793488 a4a2c17c0ceda31f73224fed8ebaaca6
Binary Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/proftpd-1.2.8-7.i586.rpm
487079 2fc8f4dbdd2627fb46c192735d72c299
References:
CVE
[CAN-2005-2390]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2390
--------------------------------------------------------------------------
Revision History
09 Aug 2005 Initial release
--------------------------------------------------------------------------
Copyright(C) 2005 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFC+GjHK0LzjOqIJMwRAjBVAKC0HPKYf6CbN4LHr618QaMItqNDogCgsXpv
9PNem48B9Jeb4b6HIBnBAi0=
=C9/V
-----END PGP SIGNATURE-----
|