drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Überschreiben von Dateien in base-files
| Name: |
Überschreiben von Dateien in base-files |
|
| ID: |
USN-3748-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 18.04 LTS |
|
| Datum: |
Di, 21. August 2018, 16:47 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6557 |
|
| Applikationen: |
base-files |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============8779610269571458580==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="pAxyHw1zBDB820lYNEbNVyRC4i6o8jyEg"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--pAxyHw1zBDB820lYNEbNVyRC4i6o8jyEg
Content-Type: multipart/mixed;
boundary="vRYBZeTIXYoEoH0mtb9cCgkpVOhEGHrNH";
protected-headers="v1"
From: Marc Deslauriers <marc.deslauriers@canonical.com>
Reply-To: Ubuntu Security <security@ubuntu.com>
To: ubuntu-security-announce@lists.ubuntu.com
Message-ID: <46f340de-d367-17e3-f5da-a7c72ff19957@canonical.com>
Subject: [USN-3748-1] base-files vulnerability
--vRYBZeTIXYoEoH0mtb9cCgkpVOhEGHrNH
Content-Type: text/plain; charset=utf-8
Content-Language: en-C
Content-Transfer-Encoding: quoted-printable
==========================================================================
Ubuntu Security Notice USN-3748-1
August 21, 2018
base-files vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
Summary:
base-files could be made to hang or overwrite files as the administrator.
Software Description:
- base-files: Debian base system miscellaneous files
Details:
Sander Bos discovered that the MOTD update script incorrectly handled
temporary files. A local attacker could use this issue to cause a denial of
service, or possibly escalate privileges if kernel symlink restrictions
were disabled.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS:
base-files 10.1ubuntu2.2
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/usn/usn-3748-1
CVE-2018-6557
Package Information:
https://launchpad.net/ubuntu/+source/base-files/10.1ubuntu2.2
--vRYBZeTIXYoEoH0mtb9cCgkpVOhEGHrNH--
--pAxyHw1zBDB820lYNEbNVyRC4i6o8jyEg
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlt8FbsACgkQZWnYVadE
vpMxyw/9Fn0D/yviss7G7nSLSPPcnzB//d6ANyNdfdg4DmKD/e5BBeyUie25Ij2B
3t5FFhvjfsNGkvIolwVUw0hwB9vDBpVyK7E+r20rEZlHr/ARDv5Gr46rDRU3G8lp
4r4K2QdJU53mOYf9iTHkG7c67ZqZbZSdztIX+TtBRDE7kW24bmELnYLVR8GVU7Vb
IU7yWOEWQ4kNSI28D1DkgzRTkLtnxIMPGFYcqFOwjnWT6uD3PXRYdYBP1rv5zxL4
YOW5kOjGPbw1IrShelUh5cul2dI/6Y9YAIajbcndoQmGrbXZNhBw+7kDpSarwDAA
3R+zcP/0/2+WMqYXd8MQfCazwvHtJ64FSplHTk4BQgYn9xwHgbsIqgBgwuUdXyL0
2C/2FSHD+6HoSOErBfdng1DcIzNEr6mK+Sfd6ijkXWHreEkxa1eBJSdURAmoCcgB
1XuNbnhRA6Vq1OR0JGdQAwdyX8zgWTaF+M/hcWpFyINNfv/bbn55JFgpW+2E2y+J
Dij3wmiRXkXkBo8ywd3zdb2G52o4wB8g9ncwUd3ZEDYBal6+8FVIBtbjI7undd2q
e0FRw/EycsGfURQtCyb4RoZ1AA61swCb1ZQN/BT23ppKTkaulo/kf86i2wHjpZ6b
0GM3xesESiNNud2wAkJnlaQSWMN0hx5lUciD/Vin5/Fwek0rhBA=
=Hbc0
-----END PGP SIGNATURE-----
--pAxyHw1zBDB820lYNEbNVyRC4i6o8jyEg--
--===============8779610269571458580==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5
LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl
IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj
dXJpdHktYW5ub3VuY2UK
--===============8779610269571458580==--
|
|
|
|
