drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in Linux
Name: |
Ausführen beliebiger Kommandos in Linux |
|
ID: |
USN-1610-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 LTS |
|
Datum: |
Sa, 13. Oktober 2012, 00:01 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3520 |
|
Applikationen: |
Linux |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============5712142449622548379== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enig5B4BB9450798251617B1989E"
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig5B4BB9450798251617B1989E Content-Type: multipart/mixed; boundary="------------070104000408090305090103"
This is a multi-part message in MIME format. --------------070104000408090305090103 Content-Type: text/plain; charset=ISO-8859- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-1610-1 October 12, 2012
linux vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
The system could be made to perform privileged actions as an administrator.
Software Description: - linux: Linux kernel
Details:
Pablo Neira Ayuso discovered a flaw in the credentials of netlink messages. An unprivileged local attacker could exploit this by getting a netlink based service, that relies on netlink credentials, to perform privileged actions.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: linux-image-3.2.0-32-generic 3.2.0-32.51 linux-image-3.2.0-32-generic-pae 3.2.0-32.51 linux-image-3.2.0-32-highbank 3.2.0-32.51 linux-image-3.2.0-32-omap 3.2.0-32.51 linux-image-3.2.0-32-powerpc-smp 3.2.0-32.51 linux-image-3.2.0-32-powerpc64-smp 3.2.0-32.51 linux-image-3.2.0-32-virtual 3.2.0-32.51
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well.
References: http://www.ubuntu.com/usn/usn-1610-1 CVE-2012-3520
Package Information: https://launchpad.net/ubuntu/+source/linux/3.2.0-32.51
--------------070104000408090305090103 Content-Type: text/plain; charset=UTF-8; name="Attached Message Part" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="Attached Message Part"
--------------070104000408090305090103--
--------------enig5B4BB9450798251617B1989E Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
iQIcBAEBCgAGBQJQd+30AAoJEAUvNnAY1cPY8nwQAKnmzwJteYEpSblqlcuwq9jr sBiaqKh/ecdeWNaIVFRMhLBH2uxVnG4PYeFvBvTgHNFp/3EWZWwfi9eTNHTiGLpN 4Ny8i8/B1dmWHFyx4OVL7wb3s+uESj3Mz9AfFCu634BNIn3qCAl7zuN7KiY0A2C4 ljqt5fRruIvMxLXoU3UgXdorY1Vc2PPk1Nd8PxpkxZTNd6PApjb8DAq63wm6QF5t Y96Mfv1dE0F2tfZ0zUoVU8CPSaFGcJHWs2cfwfCmfvJYXLBWlJegrBIk4iYBa0rt CoWzWJPgis7Hu+JHPVSX0sgWzYfrUxha6CHE8OY2PXJLI1OYe4/++U3qGfgwiQua 6wQRD+Jl9ARkhx0ZapoXNHCjr3YNTuQnA/Fo/srou8TU4T/l1u6kXiy+4zPJ0LM+ hNl6Sih5TZ4uqJ7wwoFd5ngv9Oke6R+zlHeEPg8lqFyiV2pqwbKvoCBn9s/OGvBp DJEvWMTQDpRf2fS5Ocwbdg90SKWUSimEM0CAgsK5esMRs1mIgxR85yEo+QONl6rw 8Gf/wXKel31Aqu2E8Io75/R1uMOCnLqpFg6QpVRjK3/xlIB0duKoZJl1aPocFnNZ a4O2BfIoJnD1FL0ODlAOicsQkoUD66nSTCs0L20Kf+4JWsVBHz8ibFjA++OWAKOO 6xJ8YL50sRmGVqSr4nyM =x4Ow -----END PGP SIGNATURE-----
--------------enig5B4BB9450798251617B1989E--
--===============5712142449622548379== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============5712142449622548379==--
|
|
|
|