FrSIRT - Fedora Security Update Fixes Autofs Privilege Escalation Vulnerability / Exploit

French Security Incident Response Team

Français

English

Fedora Security Update Fixes Autofs Privilege Escalation Vulnerability

Date de Publication : 2007-12-24 © FrSIRT.COM
Titre : Fedora Security Update Fixes Autofs Privilege Escalation Vulnerability
Identifiant : FrSIRT/AVIS-2007-4297
CVE ID : CVE-2007-6285
Risque : Bas (1/4) -

Exploitable à distance : Non
Exploitable en local : Oui

En savoir plus

Description

Produits affectés

Solution

Références

Description Technique

Une vulnérabilité a été identifiée dans Fedora, elle pourrait être exploitée par des utilisateurs malveillants afin d'obtenir des privilèges élevés [...]

Solution

Installer les mises à jour :

128a3cf695f9c6662f9e474f833af528208182b7 autofs-debuginfo-5.0.1-31.ppc64.rpm
fc3114f874372d841b08ccee8287f631253454a8 autofs-5.0.1-31.ppc64.rpm
fa139fe88f913d4baaeea0906362776714098254 autofs-5.0.1-31.i386.rpm
58433c1470b32faf39b9c8dd3419907b2f1bc164 autofs-debuginfo-5.0.1-31.i386.rpm
8e5583a88125b5cc1de040ec7a37b57a5f014ae3 autofs-debuginfo-5.0.1-31.x86_64.rpm
f4693139aadd71c37002548da618bc6096936bca autofs-5.0.1-31.x86_64.rpm
fd72d964299f2476244c46d7217016a4a477ae0c autofs-debuginfo-5.0.1-31.ppc.rpm
86f8116cd5906ead13d350e5455cbfb1a8eb46dd autofs-5.0.1-31.ppc.rpm
a47e9f37124f13bc7b720df5f6118a69e78ee329 autofs-5.0.1-31.src.rpm

b08e6a8236afd2250c8542612de29016f5d55efa autofs-debuginfo-5.0.2-24.ppc64.rpm
138d99ea5884b4128560dc1219d35045275bf34c autofs-5.0.2-24.ppc64.rpm
ef3527ea1b8230a764bddb76225eb2321ca60833 autofs-debuginfo-5.0.2-24.i386.rpm
297cb54d73055ad2bd2942997cde4d63dbe3a40a autofs-5.0.2-24.i386.rpm
ff889edb84ef0e04635ced4d3bb6068827c49f78 autofs-5.0.2-24.x86_64.rpm
a677c2dfac98532125583771ea565ba6f18f263d autofs-debuginfo-5.0.2-24.x86_64.rpm
359d08650474f1f97eba5421e06aff2a48e447f8 autofs-debuginfo-5.0.2-24.ppc.rpm
f684647d7866a64cf655a582d665d6cefe7506f0 autofs-5.0.2-24.ppc.rpm
32b82ceae98e35860ec74c84f6d5ffac2282f191 autofs-5.0.2-24.src.rpm

Historique

2007-12-24 : Version Initiale

Recevez les bulletins FrSIRT

Le service FrSIRT VNS permet aux professionnels de la sécurité (RSSI, DSI, administrateurs et consultants) de recevoir en temps-réel, par email, SMS et flux RSS/XML, des bulletins de vulnérabilités complets, détaillés et personnalisés.

Recherche

Newsletter

	IBM Tivoli Directory Server Entry Handling Double-Free Vulnerability
	IBM AFP Viewer Plug-In "SRC" Property Buffer Overflow Vulnerability
	IBM Hardware Management Console Cross Site Scripting Vulnerabilities
	IBM OS/400 BrSmRcvAndCheck Local Buffer Overflow Vulnerability
	IBM DB2 Multiple Buffer Overflow Vulnerabilities
	IBM WebSphere Application Server Security Exposure Vulnerability
	IBM AIX Multiple Command Local Privilege Escalation Vulnerabilities

	Oracle Products Command Execution and SQL Injection Vulnerabilities
	Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities
	Oracle Database "PITRIG_DROPMETADATA" Buffer Overflow Vulnerability
	Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities
	Oracle JInitiator ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities
	Oracle Products Multiple Remote Command Execution and SQL Injection Vulnerabilities
	Oracle Products Multiple Remote Command Execution and SQL Injection Vulnerabilities

	Mozilla Products Remote Code Execution Vulnerabilities
	Mozilla Firefox Unspecified Remote Command Execution Vulnerability
	Mozilla JavaScript Garbage Collector Code Execution Vulnerability
	Mozilla Thunderbird Code Execution and Cross Site Scripting Issues
	Mozilla Firefox and SeaMonkey Multiple Remote Code Execution Issues
	Mozilla Thunderbird Multiple Security Bypass and Code Execution Issues
	Mozilla Firefox and SeaMonkey Multiple Remote Code Execution Issues