drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in usbmuxd
Name: |
Ausführen beliebiger Kommandos in usbmuxd |
|
ID: |
FEDORA-2012-1213 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 15 |
|
Datum: |
Sa, 18. Februar 2012, 17:28 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0065 |
|
Applikationen: |
usbmuxd |
|
Originalnachricht |
Name : usbmuxd Product : Fedora 15 Version : 1.0.7 Release : 3.fc15 URL : http://marcansoft.com/uploads/ Summary : Daemon for communicating with Apple's iPod Touch and iPhone Description : usbmuxd is a daemon used for communicating with Apple's iPod Touch and iPhone devices. It allows multiple services on the device to be accessed simultaneously.
------------------------------------------------------------------------------- - Update Information:
Fixes CVE-2012-0065
It was discovered that usbmuxd did not correctly perform bounds checking when processing the SerialNumber field of USB devices. An attacker with physical access could use this to crash usbmuxd or potentially execute arbitrary code as the 'usbmux' user. ------------------------------------------------------------------------------- - ChangeLog:
* Thu Feb 2 2012 Peter Robinson <pbrobinson@fedoraproject.org> - 1.0.7-3 - Add debian patch for CVE-2012-0065. Fixes RHBZ 783523 * Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.7-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #783523 - CVE-2012-0065 usbmuxd 1.0.7 receive_packet() Buffer Overflow Vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=783523 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update usbmuxd' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|