FrSIRT - Fedora Security Update Fixes Blam Untrusted Search Path Weakness / Exploit

French Security Incident Response Team

Français

English

Fedora Security Update Fixes Blam Untrusted Search Path Weakness

Date de Publication : 2007-11-28 © FrSIRT.COM
Titre : Fedora Security Update Fixes Blam Untrusted Search Path Weakness
Identifiant : FrSIRT/AVIS-2007-4023
CVE ID : CVE-2005-4790
Risque : Bas (1/4) -

Exploitable à distance : Non
Exploitable en local : Oui

En savoir plus

Description

Produits affectés

Solution

Références

Description Technique

Une vulnérabilité a été identifiée dans Fedora, elle pourrait être exploitée par des attaquants locaux afin d'obtenir des privilèges élevés [...]

Solution

Installer les mises à jour :

7bc7f1f01d672abaa13f4a2e4c02a8c01a1f1c2e blam-1.8.3-9.fc7.i386.rpm
0c9aa73347873be18fca0e9d0accd8a31634fa34 blam-debuginfo-1.8.3-9.fc7.i386.rpm
5a05537c6b4aabccd52ec6c308bee3015acb9918 blam-debuginfo-1.8.3-9.fc7.x86_64.rpm
5cc7d651d09410b957605518285581434fe6f626 blam-1.8.3-9.fc7.x86_64.rpm
1c89824bf2ccc11c11406acb32cb3c3d126eaeb2 blam-1.8.3-9.fc7.ppc.rpm
b10961d8e75d2716a1c145667ff753e7717df80f blam-debuginfo-1.8.3-9.fc7.ppc.rpm
4413684e045f0c2fa88816ce4fce6064e11bf91a blam-1.8.3-9.fc7.src.rpm

8c2691d5d608dfe4ebe49d19c5648e98f796e799 blam-debuginfo-1.8.3-11.fc8.i386.rpm
2aa1c2490235906853b3b33dbc8b307cbf7c5a7e blam-1.8.3-11.fc8.i386.rpm
affe4814232cf9abaf7b9222cf1eb6a4fa4a0f3c blam-debuginfo-1.8.3-11.fc8.x86_64.rpm
ed5e6144b7719e3b2d5f1d70f26bdbe4b298d490 blam-1.8.3-11.fc8.x86_64.rpm
d0967a8905fb3aaa46f3ba302bec787eae2446f8 blam-1.8.3-11.fc8.ppc.rpm
d52414a5eabf5d02af9109f3191d215ca57cfb25 blam-debuginfo-1.8.3-11.fc8.ppc.rpm
17ceb85f572cec39fe2df132d4c92bb83de8a951 blam-1.8.3-11.fc8.src.rpm

Historique

2007-11-28 : Version Initiale

Recevez les bulletins FrSIRT

Le service FrSIRT VNS permet aux professionnels de la sécurité (RSSI, DSI, administrateurs et consultants) de recevoir en temps-réel, par email, SMS et flux RSS/XML, des bulletins de vulnérabilités complets, détaillés et personnalisés.

Recherche

Newsletter

	Cisco Products Remote DNS Cache Poisoning Vulnerability
	Cisco Wide Area Application Services CUPS Remote Vulnerability
	Cisco UCM Denial of Service and Authentication Bypass Vulnerabilities
	Cisco Intrusion Prevention System Jumbo Frame Vulnerability
	Cisco VPN Client Deterministic Network Enhancer Privilege Escalation
	Cisco Products SNMPv3 Authentication Packets Vulnerabilities
	Cisco PIX and ASA Security Bypass and Denial of Service

	IBM WebSphere Application Server Security Exposure Vulnerabilities
	IBM AIX DNS Transaction ID Remote Cache Poisoning Vulnerability
	IBM Tivoli Directory Server Entry Handling Double-Free Vulnerability
	IBM AFP Viewer Plug-In "SRC" Property Buffer Overflow Vulnerability
	IBM Hardware Management Console Cross Site Scripting Vulnerabilities
	IBM OS/400 BrSmRcvAndCheck Local Buffer Overflow Vulnerability
	IBM DB2 Multiple Buffer Overflow Vulnerabilities

	Sun Solaris System Management Agent Buffer Overflow Vulnerability
	Sun Update Fixes Mozilla Thunderbird Multiple Vulnerabilities
	Sun Java JDK and JRE Code Execution Vulnerabilities
	Sun Solaris DNS Protocol Remote Cache Poisoning Vulnerability
	Sun Solaris Tomcat JSP/Servlet Container Multiple Vulnerabilities
	Sun Java System Access Manager XSLT Code Execution Vulnerability
	Sun Solaris 10 Adobe Reader Multiple Code Execution Vulnerabilities