French Security Incident Response Team

Termes et NomenclatureDéfinition des niveaux de risquesConfidentialité et Charte de confianceService FrSIRT VNS

FrSIRT   

      

   français Français   anglais English

 
Veille en vulnérabilités
FrSIRT VNS Publisher
Demande d'informations
Période d'essai gratuite
 

Bulletins et avis de vulnérabilités
Bulletins de sécurité et avis de vulnérabilités Linux
Virus & AlertesMenaces en temps réel / Blog Sécurité Informatique
Attaques Zero-day (0-jour)
Rechercher une vulnérabilité
 

Déclarer un incident de sécurité
Mailing liste Newsletter Sécurité informatique
 

A propos de FrSIRT / ADConsulting
Nos Clients & RéférencesFrSIRT Dans la presse
Espace Annonceurs
Offre d'emploi et stage Sécurité Informatique
Nous contacter

Mandriva Security Update Fixes E2fsprogs libext2fs Integer Overflow

Date de Publication : 2007-12-11 © FrSIRT.COM
Titre : Mandriva Security Update Fixes E2fsprogs libext2fs Integer Overflow
Identifiant : FrSIRT/AVIS-2007-4151
CVE ID : CVE-2007-5497
Risque : Bas (1/4) -
Exploitable à distance : Oui
Exploitable en local : Oui
 

En savoir plus
 
  Description
  Produits affectés
  Solution
  Références
Description Technique    TXT (Plain Text)  PDF (Portable Document Format)  XML (Extensible Markup Language)  SMS (Short Message Service) 

Plusieurs vulnérabilités ont été identifiées dans Mandriva, elles pourraient être exploitées par des attaquants afin de causer un déni de service ou compromettre un système vulnérable [...]

Solution

Installer les mises à jour :

Mandriva Linux 2007.0:
ff40ef940d3bbce7c4314d0bf06d529f 2007.0/i586/e2fsprogs-1.39-2.1mdv2007.0.i586.rpm
3159902d97bdc6871faec84838c9a5ab 2007.0/i586/libext2fs2-1.39-2.1mdv2007.0.i586.rpm
ec4e5539f5168aa045899458ec2b82c3 2007.0/i586/libext2fs2-devel-1.39-2.1mdv2007.0.i586.rpm
8cb48b6e43625f33f37554445f65f2f0 2007.0/SRPMS/e2fsprogs-1.39-2.1mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64:
31ad9695ac03879d202ae8e1800e8df4 2007.0/x86_64/e2fsprogs-1.39-2.1mdv2007.0.x86_64.rpm
3fe3232e9f750d3855796e9ada2c7b18 2007.0/x86_64/lib64ext2fs2-1.39-2.1mdv2007.0.x86_64.rpm
cd1392e26b4c68be93c232cd991b0ef8 2007.0/x86_64/lib64ext2fs2-devel-1.39-2.1mdv2007.0.x86_64.rpm
8cb48b6e43625f33f37554445f65f2f0 2007.0/SRPMS/e2fsprogs-1.39-2.1mdv2007.0.src.rpm

Mandriva Linux 2007.1:
7d550dee8465b402dbc01e6881aa27a0 2007.1/i586/e2fsprogs-1.39-5.2mdv2007.1.i586.rpm
9f54587c0eb5b7af5241560bfee74b55 2007.1/i586/libext2fs2-1.39-5.2mdv2007.1.i586.rpm
4b30c50260a5d433c80e56800787c27c 2007.1/i586/libext2fs2-devel-1.39-5.2mdv2007.1.i586.rpm
3e4c659c9eaabf743382b604e2cb6fe4 2007.1/SRPMS/e2fsprogs-1.39-5.2mdv2007.1.src.rpm

Mandriva Linux 2007.1/X86_64:
82d1bd6787634b85c34ae44641f52a4f 2007.1/x86_64/e2fsprogs-1.39-5.2mdv2007.1.x86_64.rpm
26ef510b1e3b4fbcd0e27170908176c3 2007.1/x86_64/lib64ext2fs2-1.39-5.2mdv2007.1.x86_64.rpm
27a5dee786f11a543544f20a78811ce3 2007.1/x86_64/lib64ext2fs2-devel-1.39-5.2mdv2007.1.x86_64.rpm
3e4c659c9eaabf743382b604e2cb6fe4 2007.1/SRPMS/e2fsprogs-1.39-5.2mdv2007.1.src.rpm

Mandriva Linux 2008.0:
d4be99f5ff36d4d5ef62787611b626ff 2008.0/i586/e2fsprogs-1.40.2-5.1mdv2008.0.i586.rpm
2a7239249e195efd3b617061cdd0dcf7 2008.0/i586/libext2fs-devel-1.40.2-5.1mdv2008.0.i586.rpm
00c482bc1cf18b4a30968ad6a24b3d81 2008.0/i586/libext2fs2-1.40.2-5.1mdv2008.0.i586.rpm
1bc32b40c67ac660d97b9261e29a9b2c 2008.0/SRPMS/e2fsprogs-1.40.2-5.1mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
e67a66424204013c42c54f8bd478d5ff 2008.0/x86_64/e2fsprogs-1.40.2-5.1mdv2008.0.x86_64.rpm
3a4b98d08dad0321199e981b8a1cd80a 2008.0/x86_64/lib64ext2fs-devel-1.40.2-5.1mdv2008.0.x86_64.rpm
af9c4dec36ca727fc1baba6a83766cb6 2008.0/x86_64/lib64ext2fs2-1.40.2-5.1mdv2008.0.x86_64.rpm
1bc32b40c67ac660d97b9261e29a9b2c 2008.0/SRPMS/e2fsprogs-1.40.2-5.1mdv2008.0.src.rpm

Corporate 3.0:
403bda3951bdca8b82113c0d0baabd2d corporate/3.0/i586/e2fsprogs-1.34-5.1.C30mdk.i586.rpm
d90ee27030d07a346a5237fe2938260f corporate/3.0/i586/libext2fs2-1.34-5.1.C30mdk.i586.rpm
7f3b1d7a825278d7288eb7c60282ed73 corporate/3.0/i586/libext2fs2-devel-1.34-5.1.C30mdk.i586.rpm
e7a4b7eac4f2b68ce7bd4707321fff69 corporate/3.0/SRPMS/e2fsprogs-1.34-5.1.C30mdk.src.rpm

Corporate 3.0/X86_64:
bed3787f200681b1b71920a47f3f8d74 corporate/3.0/x86_64/e2fsprogs-1.34-5.1.C30mdk.x86_64.rpm
1511236c38ef773820c2f45b9310b677 corporate/3.0/x86_64/lib64ext2fs2-1.34-5.1.C30mdk.x86_64.rpm
4d4d9749858131a86acbf27f61f9f9aa corporate/3.0/x86_64/lib64ext2fs2-devel-1.34-5.1.C30mdk.x86_64.rpm
e7a4b7eac4f2b68ce7bd4707321fff69 corporate/3.0/SRPMS/e2fsprogs-1.34-5.1.C30mdk.src.rpm

Corporate 4.0:
8cf5c9086da533ab006087e69d544c40 corporate/4.0/i586/e2fsprogs-1.38-3.2.20060mdk.i586.rpm
9e16d9df63f786c06c0fe41d0e9988f4 corporate/4.0/i586/libext2fs2-1.38-3.2.20060mdk.i586.rpm
8014e6c373d68a5a998586599ea4cd52 corporate/4.0/i586/libext2fs2-devel-1.38-3.2.20060mdk.i586.rpm
05a7b67cf7dcfcb587aec47f2d3f8493 corporate/4.0/SRPMS/e2fsprogs-1.38-3.2.20060mdk.src.rpm

Corporate 4.0/X86_64:
8b3b8a6ce94076b52978e43cf9e12f48 corporate/4.0/x86_64/e2fsprogs-1.38-3.2.20060mdk.x86_64.rpm
30b74422fda6bd3c157179613752a264 corporate/4.0/x86_64/lib64ext2fs2-1.38-3.2.20060mdk.x86_64.rpm
95784fca97d5fea9d54603b3f6b8a8cc corporate/4.0/x86_64/lib64ext2fs2-devel-1.38-3.2.20060mdk.x86_64.rpm
05a7b67cf7dcfcb587aec47f2d3f8493 corporate/4.0/SRPMS/e2fsprogs-1.38-3.2.20060mdk.src.rpm

Multi Network Firewall 2.0:
4d98c367af2d9f27df8d4b88a5afdf1f mnf/2.0/i586/e2fsprogs-1.34-5.1.M20mdk.i586.rpm
a952ade257bea9787ba8bc6f3fc71fd7 mnf/2.0/i586/libext2fs2-1.34-5.1.M20mdk.i586.rpm
bd6b983acf88cba046a86e1172e036a8 mnf/2.0/i586/libext2fs2-devel-1.34-5.1.M20mdk.i586.rpm
cad219a6351f58e7ae7299e894229a71 mnf/2.0/SRPMS/e2fsprogs-1.34-5.1.M20mdk.src.rpm

Historique

2007-12-11 : Version Initiale

Recevez les bulletins FrSIRT

Le service FrSIRT VNS permet aux professionnels de la sécurité (RSSI, DSI, administrateurs et consultants) de recevoir en temps-réel, par email, SMS et flux RSS/XML, des bulletins de vulnérabilités complets, détaillés et personnalisés.
 
 

Recherche    

      

Newsletter    

    
 

Cisco Wide Area Application Services CUPS Remote Vulnerability

Cisco UCM Denial of Service and Authentication Bypass Vulnerabilities

Cisco Intrusion Prevention System Jumbo Frame Vulnerability

Cisco VPN Client Deterministic Network Enhancer Privilege Escalation

Cisco Products SNMPv3 Authentication Packets Vulnerabilities

Cisco PIX and ASA Security Bypass and Denial of Service

Cisco IOS Secure Shell Remote Denial of Service

Oracle Products Command Execution and SQL Injection Vulnerabilities

Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities

Oracle Database "PITRIG_DROPMETADATA" Buffer Overflow Vulnerability

Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities

Oracle JInitiator ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities

Oracle Products Multiple Remote Command Execution and SQL Injection Vulnerabilities

Oracle Products Multiple Remote Command Execution and SQL Injection Vulnerabilities

IBM Tivoli Directory Server Entry Handling Double-Free Vulnerability

IBM AFP Viewer Plug-In "SRC" Property Buffer Overflow Vulnerability

IBM Hardware Management Console Cross Site Scripting Vulnerabilities

IBM OS/400 BrSmRcvAndCheck Local Buffer Overflow Vulnerability

IBM DB2 Multiple Buffer Overflow Vulnerabilities

IBM WebSphere Application Server Security Exposure Vulnerability

IBM AIX Multiple Command Local Privilege Escalation Vulnerabilities

  FrSIRT.COM © Tous droits réservés 2003-2008 - Notice Légale  sécurité informatique