FrSIRT - Fedora Security Update Fixes OpenSSL Code Execution Vulnerabilities / Exploit

French Security Incident Response Team

Français

English

Fedora Security Update Fixes OpenSSL Code Execution Vulnerabilities

Date de Publication : 2007-10-22 © FrSIRT.COM
Titre : Fedora Security Update Fixes OpenSSL Code Execution Vulnerabilities
Identifiant : FrSIRT/AVIS-2007-3556
CVE ID : CVE-2007-4995 - CVE-2007-5135
Risque : Elevé (3/4) -

Exploitable à distance : Oui
Exploitable en local : Oui

En savoir plus

Description

Produits affectés

Solution

Références

Description Technique

Plusieurs vulnérabilités ont été identifiées dans Fedora, elles pourraient être exploitées par des attaquants afin de causer un déni de service ou exécuter un code arbitraire [...]

Solution

Installer les mises à jour :

c37df9f93cb60be5979b3f298ea3ae9814af232a openssl-0.9.8b-15.fc7.i686.rpm
872818ef2e57fa32d5c1d54a2d47bf2126c6fe63 openssl-debuginfo-0.9.8b-15.fc7.i686.rpm
a75fdd97bbeaf8ace8b96e83ed16e62a4a2e18b8 openssl-perl-0.9.8b-15.fc7.ppc64.rpm
6b43364c50ce7d644d63bbf6a6be68099b1d0176 openssl-0.9.8b-15.fc7.ppc64.rpm
5620e969c6536cdb68e1f5f44c860549b54b779b openssl-devel-0.9.8b-15.fc7.ppc64.rpm
20135cbd53849dd3ee073b550d84be21a1e0bed0 openssl-debuginfo-0.9.8b-15.fc7.ppc64.rpm
56db1f0bdff4a5ca1adc17999109363516ce4328 openssl-debuginfo-0.9.8b-15.fc7.i386.rpm
deb4791d48a17f547d167f7148c7b63e17afb55f openssl-devel-0.9.8b-15.fc7.i386.rpm
078a081396b3df338a07a5afc6e0e2f48123121b openssl-perl-0.9.8b-15.fc7.i386.rpm
00723bb077e41db70a379ba0f61a3f69a22a45d1 openssl-0.9.8b-15.fc7.i386.rpm
28964ed870499621571216e1b7ab1dee7ede7db4 openssl-perl-0.9.8b-15.fc7.x86_64.rpm
69f4c1496ffd3dd2be0e33249916039fbfa99dd6 openssl-0.9.8b-15.fc7.x86_64.rpm
8409e1077ca142d07c642af25f2bb090ea65561d openssl-devel-0.9.8b-15.fc7.x86_64.rpm
3d99d176e08a94e94d92516edee9d986f0a17bca openssl-debuginfo-0.9.8b-15.fc7.x86_64.rpm
024f3b18eb38869b94fadc83f9e1df8c52eaab54 openssl-devel-0.9.8b-15.fc7.ppc.rpm
afec7510de2b5b2bdec29508e38c2b48a10e9b81 openssl-debuginfo-0.9.8b-15.fc7.ppc.rpm
f9a7ada4fc87e54b86431aab03c8defb3c250bda openssl-perl-0.9.8b-15.fc7.ppc.rpm
6afadb49f1c65586b59af8010ee73a2d08f7776e openssl-0.9.8b-15.fc7.ppc.rpm
13f6e045792d030418081bae3b1c2606c6975b05 openssl-0.9.8b-15.fc7.src.rpm

Historique

2007-10-22 : Version Initiale

Recevez les bulletins FrSIRT

Le service FrSIRT VNS permet aux professionnels de la sécurité (RSSI, DSI, administrateurs et consultants) de recevoir en temps-réel, par email, SMS et flux RSS/XML, des bulletins de vulnérabilités complets, détaillés et personnalisés.

Recherche

Newsletter

	Microsoft Windows Kernel Local Integer Overflow Vulnerability
	Microsoft Windows Vista "WRITE_ANDX" Denial of Service Vulnerability
	Microsoft Office OneNote URL Code Execution (MS08-055)
	Microsoft GDI+ Multiple Code Execution Vulnerabilities (MS08-052)
	Microsoft Visual Studio "Msmask32" Code Execution Vulnerability
	Microsoft PowerPoint Command Execution Vulnerabilities (MS08-051)
	Microsoft Windows Messenger Data Disclosure (MS08-050)

	Sun Java System Web Proxy Server FTP Heap Overflow
	Sun Solaris ACL UFS File Systems Denial of Service Vulnerability
	Sun Solaris Text Editors Tag Files Local Code Execution Vulnerability
	Sun Management Center Remote Denial of Service Vulnerability
	Sun Solaris Bzip2 Archive Handling Denial of Service Vulnerability
	Sun Solaris GNU Tar Headers Handling Buffer Overflow Vulnerability
	Sun Solaris Covert Channel Local Security Bypass Vulnerability

	Apple Mac OS X Code Execution Vulnerabilities
	Apple TV Multiple File Processing Code Execution Vulnerabilities
	Apple Mac OS X Code Execution Vulnerabilities
	Apple iPhone Code Execution Vulnerabilities
	Apple QuickTime Multiple Remote Code Execution Vulnerabilities
	Apple iTunes Driver Integer Overflow Privilege Escalation Vulnerability
	Apple iPod touch Code Execution Vulnerabilities