French Security Incident Response Team

Termes et NomenclatureDéfinition des niveaux de risquesConfidentialité et Charte de confianceService FrSIRT VNS

FrSIRT   

      

   français Français   anglais English

 
Veille en vulnérabilités
FrSIRT VNS Publisher
Demande d'informations
Période d'essai gratuite
 

Bulletins et avis de vulnérabilités
Bulletins de sécurité et avis de vulnérabilités Linux
Virus & AlertesMenaces en temps réel / Blog Sécurité Informatique
Attaques Zero-day (0-jour)
Rechercher une vulnérabilité
 

Déclarer un incident de sécurité
Mailing liste Newsletter Sécurité informatique
 

A propos de FrSIRT / ADConsulting
Nos Clients & RéférencesFrSIRT Dans la presse
Espace Annonceurs
Offre d'emploi et stage Sécurité Informatique
Nous contacter

Mandriva Security Update Fixes D-Bus Security Policy Bypass Issue

Date de Publication : 2008-02-29 © FrSIRT.COM
Titre : Mandriva Security Update Fixes D-Bus Security Policy Bypass Issue
Identifiant : FrSIRT/AVIS-2008-0706
CVE ID : CVE-2008-0595
Risque : Bas (1/4) -
Exploitable à distance : Non
Exploitable en local : Oui
 

En savoir plus
 
  Description
  Produits affectés
  Solution
  Références
Description Technique    TXT (Plain Text)  PDF (Portable Document Format)  XML (Extensible Markup Language)  SMS (Short Message Service) 

Une vulnérabilité a été identifiée dans Mandriva, elle pourrait être exploitée par des attaquants afin de contourner les mesures de sécurité [...]

Solution

Installer les mises à jour :

Mandriva Linux 2007.0:
5a7276c83f7f3ac5e2d8f26f3cf0fed9 2007.0/i586/dbus-0.92-8.3mdv2007.0.i586.rpm
e97939d34bc7d3782bf8c5f54b6bca90 2007.0/i586/dbus-x11-0.92-8.3mdv2007.0.i586.rpm
9163f5e8243bf78d88be99329ee5536e 2007.0/i586/libdbus-1_3-0.92-8.3mdv2007.0.i586.rpm
dd9015731ae2557d7e0962204eedacc3 2007.0/i586/libdbus-1_3-devel-0.92-8.3mdv2007.0.i586.rpm
7e124dac56bfef6f1966cbc2f535fa7b 2007.0/SRPMS/dbus-0.92-8.3mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64:
79ace61e47f1dee7e62cfa2e7b1fd700 2007.0/x86_64/dbus-0.92-8.3mdv2007.0.x86_64.rpm
422ee658a55a0b36f53be71965e6d890 2007.0/x86_64/dbus-x11-0.92-8.3mdv2007.0.x86_64.rpm
e7126e8743aaa2994815eac7816ab1af 2007.0/x86_64/lib64dbus-1_3-0.92-8.3mdv2007.0.x86_64.rpm
ff7a748f340acc367150b76bc96d9144 2007.0/x86_64/lib64dbus-1_3-devel-0.92-8.3mdv2007.0.x86_64.rpm
7e124dac56bfef6f1966cbc2f535fa7b 2007.0/SRPMS/dbus-0.92-8.3mdv2007.0.src.rpm

Mandriva Linux 2007.1:
c46891482cb070370be2c6157d6bef2f 2007.1/i586/dbus-1.0.2-5.1mdv2007.1.i586.rpm
ce9017c03cf6da6c230813a17575e3ec 2007.1/i586/dbus-x11-1.0.2-5.1mdv2007.1.i586.rpm
6c4101834728f802046b542f151b1610 2007.1/i586/libdbus-1_3-1.0.2-5.1mdv2007.1.i586.rpm
77e621ee92730a2dc2cf1afa3767fb0f 2007.1/i586/libdbus-1_3-devel-1.0.2-5.1mdv2007.1.i586.rpm
871e7bf8eb42f738ea608498bb22c83d 2007.1/SRPMS/dbus-1.0.2-5.1mdv2007.1.src.rpm

Mandriva Linux 2007.1/X86_64:
810876faa8ab66ad81208e478d1b6c66 2007.1/x86_64/dbus-1.0.2-5.1mdv2007.1.x86_64.rpm
8264902b916bf8173254d409190e4521 2007.1/x86_64/dbus-x11-1.0.2-5.1mdv2007.1.x86_64.rpm
9af9c3dafc670a714fccd436eb2f5f55 2007.1/x86_64/lib64dbus-1_3-1.0.2-5.1mdv2007.1.x86_64.rpm
74eab3e48b81c4d28059e18d2f85c6cd 2007.1/x86_64/lib64dbus-1_3-devel-1.0.2-5.1mdv2007.1.x86_64.rpm
871e7bf8eb42f738ea608498bb22c83d 2007.1/SRPMS/dbus-1.0.2-5.1mdv2007.1.src.rpm

Mandriva Linux 2008.0:
8229d2b51c125547a97777820e2b1a07 2008.0/i586/dbus-1.0.2-10.1mdv2008.0.i586.rpm
54cda1c75e70def572ad0863ff5906be 2008.0/i586/dbus-x11-1.0.2-10.1mdv2008.0.i586.rpm
c0fe93aefc3fb7ba23c1fa094e514fb6 2008.0/i586/libdbus-1_3-1.0.2-10.1mdv2008.0.i586.rpm
73faf4f17084c8d7649ae9a7ba2388a8 2008.0/i586/libdbus-1_3-devel-1.0.2-10.1mdv2008.0.i586.rpm
434db235c2a5c47a71da59419c47af6f 2008.0/SRPMS/dbus-1.0.2-10.1mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
bbd678498ca22dbc20f9c3a1e5070242 2008.0/x86_64/dbus-1.0.2-10.1mdv2008.0.x86_64.rpm
91b3a599276bea83e65090250944c83c 2008.0/x86_64/dbus-x11-1.0.2-10.1mdv2008.0.x86_64.rpm
d2e9804fbe492b9d00784c05e739f46d 2008.0/x86_64/lib64dbus-1_3-1.0.2-10.1mdv2008.0.x86_64.rpm
0088a4965b25db33615eb7192dff7ddc 2008.0/x86_64/lib64dbus-1_3-devel-1.0.2-10.1mdv2008.0.x86_64.rpm
434db235c2a5c47a71da59419c47af6f 2008.0/SRPMS/dbus-1.0.2-10.1mdv2008.0.src.rpm

Historique

2008-02-29 : Version Initiale

Recevez les bulletins FrSIRT

Le service FrSIRT VNS permet aux professionnels de la sécurité (RSSI, DSI, administrateurs et consultants) de recevoir en temps-réel, par email, SMS et flux RSS/XML, des bulletins de vulnérabilités complets, détaillés et personnalisés.
 
 

Recherche    

      

Newsletter    

    
 

Apple Mac OS X Code Execution Vulnerabilities

Apple iPhone and iPod touch Multiple Code Execution Vulnerabilities

Apple Xcode Code Execution and Information Disclosure Vulnerabilities

Apple TV Data Processing Remote Code Execution Vulnerabilities

Apple Mac OS X Command Execution Vulnerabilities

Apple Safari for Mac OS X Remote Code Execution Vulnerability

Apple Mac OS X ARDAgent Local Privilege Escalation Vulnerability

Cisco PIX and ASA Information Disclosure and DoS Vulnerabilities

Cisco Secure ACS EAP Remote Denial Of Service Vulnerability

Cisco Products Remote DNS Cache Poisoning Vulnerability

Cisco Wide Area Application Services CUPS Remote Vulnerability

Cisco UCM Denial of Service and Authentication Bypass Vulnerabilities

Cisco Intrusion Prevention System Jumbo Frame Vulnerability

Cisco VPN Client Deterministic Network Enhancer Privilege Escalation

Oracle Products Multiple Code Execution Vulnerabilities

Oracle Products Command Execution and SQL Injection Vulnerabilities

Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities

Oracle Database "PITRIG_DROPMETADATA" Buffer Overflow Vulnerability

Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities

Oracle JInitiator ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities

Oracle Products Multiple Remote Command Execution and SQL Injection Vulnerabilities

  FrSIRT.COM © Tous droits réservés 2003-2008 - Notice Légale  sécurité informatique