FrSIRT - Mandriva Security Update Fixes Boost Denial of Service Vulnerabilities / Exploit

French Security Incident Response Team

Français

English

Mandriva Security Update Fixes Boost Denial of Service Vulnerabilities

Date de Publication : 2008-02-04 © FrSIRT.COM
Titre : Mandriva Security Update Fixes Boost Denial of Service Vulnerabilities
Identifiant : FrSIRT/AVIS-2008-0381
CVE ID : CVE-2008-0171 - CVE-2008-0172
Risque : Bas (1/4) -

Exploitable à distance : Oui
Exploitable en local : Oui

En savoir plus

Description

Produits affectés

Solution

Références

Description Technique

Plusieurs vulnérabilités ont été identifiées dans Mandriva, elles pourraient être exploitées par des attaquants afin de causer un déni de service [...]

Solution

Installer les mises à jour :

Mandriva Linux 2007.0:
050747f9a2c9557d33977d9bd51184b2 2007.0/i586/libboost1-1.33.1-3.1mdv2007.0.i586.rpm
447ac5fc34d29669c8a21b7abd677413 2007.0/i586/libboost1-devel-1.33.1-3.1mdv2007.0.i586.rpm
4b4b7ff3d032516cd2f22af208ef7d3b 2007.0/i586/libboost1-examples-1.33.1-3.1mdv2007.0.i586.rpm
b084ed15b24c16e41ea2660732d1fa53 2007.0/i586/libboost1-static-devel-1.33.1-3.1mdv2007.0.i586.rpm
4b9252988703c7360d91138aa1b738b7 2007.0/SRPMS/boost-1.33.1-3.1mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64:
9b983d8a118824218998792630a93368 2007.0/x86_64/lib64boost1-1.33.1-3.1mdv2007.0.x86_64.rpm
f975c8790f99728dd3635b0a79a2b639 2007.0/x86_64/lib64boost1-devel-1.33.1-3.1mdv2007.0.x86_64.rpm
8349cb46e64007d854902abe784278d8 2007.0/x86_64/lib64boost1-examples-1.33.1-3.1mdv2007.0.x86_64.rpm
8781b8e9cac3079e22be542dc89679e0 2007.0/x86_64/lib64boost1-static-devel-1.33.1-3.1mdv2007.0.x86_64.rpm
4b9252988703c7360d91138aa1b738b7 2007.0/SRPMS/boost-1.33.1-3.1mdv2007.0.src.rpm

Mandriva Linux 2007.1:
4e2b108f19e9e77cacd23f950a287c1a 2007.1/i586/libboost1-1.33.1-5.1mdv2007.1.i586.rpm
953ecb0bb51516d5a860947c6ec3cca3 2007.1/i586/libboost1-devel-1.33.1-5.1mdv2007.1.i586.rpm
cec00f6e2461c188e12248ec1085b64a 2007.1/i586/libboost1-examples-1.33.1-5.1mdv2007.1.i586.rpm
7f3150b483155ba9ddc5ce9b9c6a24b1 2007.1/i586/libboost1-static-devel-1.33.1-5.1mdv2007.1.i586.rpm
0133bec4e45c53c26b59fe599b0c2ef3 2007.1/SRPMS/boost-1.33.1-5.1mdv2007.1.src.rpm

Mandriva Linux 2007.1/X86_64:
55150e1ce05e3d3385815648cd4924ba 2007.1/x86_64/lib64boost1-1.33.1-5.1mdv2007.1.x86_64.rpm
93d7474def1e122c4ddf5fab1e81dfd6 2007.1/x86_64/lib64boost1-devel-1.33.1-5.1mdv2007.1.x86_64.rpm
59dd3438007e7d383d3cbaa1b2eacb38 2007.1/x86_64/lib64boost1-examples-1.33.1-5.1mdv2007.1.x86_64.rpm
a213a0ee7cdc1b75fbbde6835a7295db 2007.1/x86_64/lib64boost1-static-devel-1.33.1-5.1mdv2007.1.x86_64.rpm
0133bec4e45c53c26b59fe599b0c2ef3 2007.1/SRPMS/boost-1.33.1-5.1mdv2007.1.src.rpm

Mandriva Linux 2008.0:
e184b23843e35d7365033cc6cb45f2dd 2008.0/i586/libboost1-1.33.1-6.1mdv2008.0.i586.rpm
6fa2ca96cb71d8bd3e54aa2f05118017 2008.0/i586/libboost1-devel-1.33.1-6.1mdv2008.0.i586.rpm
aa82d51548030d03ad1e86a174013333 2008.0/i586/libboost1-examples-1.33.1-6.1mdv2008.0.i586.rpm
42d0e230fca8ac7b094f9d159e9d8758 2008.0/i586/libboost1-static-devel-1.33.1-6.1mdv2008.0.i586.rpm
e4b3da7cdfb5210d65c5b60556e9744e 2008.0/SRPMS/boost-1.33.1-6.1mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
af70bbe3671b92f97d09e845682609ca 2008.0/x86_64/lib64boost1-1.33.1-6.1mdv2008.0.x86_64.rpm
3597c04eea3dea15c278cdb3f0bbcc8e 2008.0/x86_64/lib64boost1-devel-1.33.1-6.1mdv2008.0.x86_64.rpm
65468c84027dbe61a43146a82a5a76e8 2008.0/x86_64/lib64boost1-examples-1.33.1-6.1mdv2008.0.x86_64.rpm
3a6b5ed6fffb8d18358729afb1f9ebc1 2008.0/x86_64/lib64boost1-static-devel-1.33.1-6.1mdv2008.0.x86_64.rpm
e4b3da7cdfb5210d65c5b60556e9744e 2008.0/SRPMS/boost-1.33.1-6.1mdv2008.0.src.rpm

Historique

2008-02-04 : Version Initiale

Recevez les bulletins FrSIRT

Le service FrSIRT VNS permet aux professionnels de la sécurité (RSSI, DSI, administrateurs et consultants) de recevoir en temps-réel, par email, SMS et flux RSS/XML, des bulletins de vulnérabilités complets, détaillés et personnalisés.

Recherche

Newsletter

	IBM Tivoli Directory Server Entry Handling Double-Free Vulnerability
	IBM AFP Viewer Plug-In "SRC" Property Buffer Overflow Vulnerability
	IBM Hardware Management Console Cross Site Scripting Vulnerabilities
	IBM OS/400 BrSmRcvAndCheck Local Buffer Overflow Vulnerability
	IBM DB2 Multiple Buffer Overflow Vulnerabilities
	IBM WebSphere Application Server Security Exposure Vulnerability
	IBM AIX Multiple Command Local Privilege Escalation Vulnerabilities

	Cisco Wide Area Application Services CUPS Remote Vulnerability
	Cisco UCM Denial of Service and Authentication Bypass Vulnerabilities
	Cisco Intrusion Prevention System Jumbo Frame Vulnerability
	Cisco VPN Client Deterministic Network Enhancer Privilege Escalation
	Cisco Products SNMPv3 Authentication Packets Vulnerabilities
	Cisco PIX and ASA Security Bypass and Denial of Service
	Cisco IOS Secure Shell Remote Denial of Service

	Sun Solaris Tomcat JSP/Servlet Container Multiple Vulnerabilities
	Sun Java System Access Manager XSLT Code Execution Vulnerability
	Sun Solaris 10 Adobe Reader Multiple Code Execution Vulnerabilities
	Sun Solaris "snmpXdmid" Packet Handling Denial of Service Vulnerability
	Sun Solaris FreeType2 Library Multiple Memory Corruption Vulnerabilities
	Sun Java System Calendar Server Denial of Service Vulnerability
	Sun Solaris SMA SNMPv3 Authentication Bypass Vulnerability