FrSIRT - Mandriva Security Update Fixes Tcl Denial of Service Vulnerability / Exploit

French Security Incident Response Team

Français

English

Mandriva Security Update Fixes Tcl Denial of Service Vulnerability

Date de Publication : 2008-03-06 © FrSIRT.COM
Titre : Mandriva Security Update Fixes Tcl Denial of Service Vulnerability
Identifiant : FrSIRT/AVIS-2008-0772
CVE ID : CVE-2007-4772
Risque : Modéré (2/4) -

Exploitable à distance : Oui
Exploitable en local : Oui

En savoir plus

Description

Produits affectés

Solution

Références

Description Technique

Une vulnérabilité a été identifiée dans Mandriva, elle pourrait être exploitée afin de causer un déni de service [...]

Solution

Installer les mises à jour :

Mandriva Linux 2007.0:
bde7e57d9dc7d568c0390ba3db4b5a3c 2007.0/i586/libtcl8.4-8.4.13-1.1mdv2007.0.i586.rpm
d5a61fcda52e37a15c19e7d5c068656e 2007.0/i586/libtcl8.4-devel-8.4.13-1.1mdv2007.0.i586.rpm
b243426d0d7f8d0a10ba70651feaef03 2007.0/i586/tcl-8.4.13-1.1mdv2007.0.i586.rpm
4f287e93256eaf7c84a0448ef2008020 2007.0/SRPMS/tcl-8.4.13-1.1mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64:
fa6beda37d3eaf2200e3b30af08751e9 2007.0/x86_64/lib64tcl8.4-8.4.13-1.1mdv2007.0.x86_64.rpm
46aa8b711feb915543ae2191da82bd01 2007.0/x86_64/lib64tcl8.4-devel-8.4.13-1.1mdv2007.0.x86_64.rpm
105fc5f39986cc6db6b4adb068baf425 2007.0/x86_64/tcl-8.4.13-1.1mdv2007.0.x86_64.rpm
4f287e93256eaf7c84a0448ef2008020 2007.0/SRPMS/tcl-8.4.13-1.1mdv2007.0.src.rpm

Mandriva Linux 2007.1:
5d5648b2bb457b157e1c30329f9891c7 2007.1/i586/libtcl8.4-8.4.14-1.1mdv2007.1.i586.rpm
a98f64c60b59d32e54baf01275c85cbf 2007.1/i586/libtcl8.4-devel-8.4.14-1.1mdv2007.1.i586.rpm
62b8899728974799108afe5a5c39b34a 2007.1/i586/tcl-8.4.14-1.1mdv2007.1.i586.rpm
569e9de9c684040893255a5800b49037 2007.1/SRPMS/tcl-8.4.14-1.1mdv2007.1.src.rpm

Mandriva Linux 2007.1/X86_64:
817d49b898cc17e360141894c922e6cd 2007.1/x86_64/lib64tcl8.4-8.4.14-1.1mdv2007.1.x86_64.rpm
4b277a29b3c41b37010e7c10f9644f7f 2007.1/x86_64/lib64tcl8.4-devel-8.4.14-1.1mdv2007.1.x86_64.rpm
70bbb7e664ec0fd8636faf6734e205a3 2007.1/x86_64/tcl-8.4.14-1.1mdv2007.1.x86_64.rpm
569e9de9c684040893255a5800b49037 2007.1/SRPMS/tcl-8.4.14-1.1mdv2007.1.src.rpm

Mandriva Linux 2008.0:
b474df935ae9405261886dc3983876e7 2008.0/i586/libtcl-devel-8.5a6-4.1mdv2008.0.i586.rpm
6e675eb728a9e61b139b1084fd451298 2008.0/i586/libtcl8.5-8.5a6-4.1mdv2008.0.i586.rpm
50111e483a4d70a7522038532f583e7d 2008.0/i586/tcl-8.5a6-4.1mdv2008.0.i586.rpm
42741c6d8cd19fb3907ceb97d934a6f6 2008.0/SRPMS/tcl-8.5a6-4.1mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
72982af24a4ed7c44ec46f8f4b593dee 2008.0/x86_64/lib64tcl-devel-8.5a6-4.1mdv2008.0.x86_64.rpm
3acb0a9ebc9aab51b6ff23d316721518 2008.0/x86_64/lib64tcl8.5-8.5a6-4.1mdv2008.0.x86_64.rpm
35a0827df193416c3ea6400309b4ae30 2008.0/x86_64/tcl-8.5a6-4.1mdv2008.0.x86_64.rpm
42741c6d8cd19fb3907ceb97d934a6f6 2008.0/SRPMS/tcl-8.5a6-4.1mdv2008.0.src.rpm

Corporate 3.0:
45c8fbd95bebbad1b23f8bb2b15abe31 corporate/3.0/i586/expect-8.4.5-3.3.C30mdk.i586.rpm
a45706ad62f18aa9a9ee532ece27349f corporate/3.0/i586/itcl-8.4.5-3.3.C30mdk.i586.rpm
f448c6df20f64d967bf51cfc89139c61 corporate/3.0/i586/tcl-8.4.5-3.3.C30mdk.i586.rpm
508f120b23e7de9f91e68b6416360c57 corporate/3.0/i586/tcllib-8.4.5-3.3.C30mdk.i586.rpm
78a9d355932b0584734f927bf0bd21cb corporate/3.0/i586/tclx-8.4.5-3.3.C30mdk.i586.rpm
dc15072dc76732f54e7effc67aa506e9 corporate/3.0/i586/tix-8.4.5-3.3.C30mdk.i586.rpm
1ad401d437998a447f8767eac0ed3f64 corporate/3.0/i586/tk-8.4.5-3.3.C30mdk.i586.rpm
aca59d9916edfbf607b42a089c4e51f5 corporate/3.0/SRPMS/tcltk-8.4.5-3.3.C30mdk.src.rpm

Corporate 3.0/X86_64:
ab9dcf95b516f63779a48fa5da217e2c corporate/3.0/x86_64/expect-8.4.5-3.3.C30mdk.x86_64.rpm
ccf0b17e73baed1a5597698501d4e16c corporate/3.0/x86_64/itcl-8.4.5-3.3.C30mdk.x86_64.rpm
7004fe82ceadb690a1c537dfffa8a602 corporate/3.0/x86_64/tcl-8.4.5-3.3.C30mdk.x86_64.rpm
8082288dd36eefe4f59f288636d86f52 corporate/3.0/x86_64/tcllib-8.4.5-3.3.C30mdk.x86_64.rpm
0d535ba37b8521ba2aed9ef62597b91f corporate/3.0/x86_64/tclx-8.4.5-3.3.C30mdk.x86_64.rpm
8eb5591457bdac01a6ebd5946bedbae2 corporate/3.0/x86_64/tix-8.4.5-3.3.C30mdk.x86_64.rpm
73d05959408f8daba243008033d1214c corporate/3.0/x86_64/tk-8.4.5-3.3.C30mdk.x86_64.rpm
aca59d9916edfbf607b42a089c4e51f5 corporate/3.0/SRPMS/tcltk-8.4.5-3.3.C30mdk.src.rpm

Corporate 4.0:
5a24c2fa2c3ef75bf5a6a9c8e8d9fde4 corporate/4.0/i586/expect-8.4.11-1.3.20060mlcs4.i586.rpm
2f76f932af5019692972d3fe8cbe942b corporate/4.0/i586/itcl-8.4.11-1.3.20060mlcs4.i586.rpm
059e9d9563b405543ccec50b92fa49e3 corporate/4.0/i586/iwidgets-8.4.11-1.3.20060mlcs4.i586.rpm
014aeb9e3dc0e3899fa4b5b5d8c7c704 corporate/4.0/i586/libtcl8.4-8.4.11-1.3.20060mlcs4.i586.rpm
b35a6907bd77090e61fec7d65bbcf80a corporate/4.0/i586/libtk8.4-8.4.11-1.3.20060mlcs4.i586.rpm
01ca6961c52b0f1739a6aba00be421ea corporate/4.0/i586/tcl-8.4.11-1.3.20060mlcs4.i586.rpm
db164a6464887403276021736452643c corporate/4.0/i586/tcllib-8.4.11-1.3.20060mlcs4.i586.rpm
cf1c172d676d667dcd6c3b78e116fb2a corporate/4.0/i586/tclx-8.4.11-1.3.20060mlcs4.i586.rpm
80688ec696067190d438844dd1c1ebd4 corporate/4.0/i586/tix-8.4.11-1.3.20060mlcs4.i586.rpm
03dd827528301f02038d3696c36f1f86 corporate/4.0/i586/tk-8.4.11-1.3.20060mlcs4.i586.rpm
07140ab293a0f8bbd2e85bd89b489fd5 corporate/4.0/SRPMS/tcltk-8.4.11-1.3.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
232612b1f9135e5234bff7df706ab1df corporate/4.0/x86_64/expect-8.4.11-1.3.20060mlcs4.x86_64.rpm
078c7030c223c97d6ab8541452b63753 corporate/4.0/x86_64/itcl-8.4.11-1.3.20060mlcs4.x86_64.rpm
3ba3e8b7c99c760bc3a08a03132291e3 corporate/4.0/x86_64/iwidgets-8.4.11-1.3.20060mlcs4.x86_64.rpm
bb86132cbefd68b96aa124ecb89f672c corporate/4.0/x86_64/lib64tcl8.4-8.4.11-1.3.20060mlcs4.x86_64.rpm
868ea1ba1a40899c20e7ccfb49683dfd corporate/4.0/x86_64/lib64tk8.4-8.4.11-1.3.20060mlcs4.x86_64.rpm
e508a95776eb6df6173a696f4db57871 corporate/4.0/x86_64/tcl-8.4.11-1.3.20060mlcs4.x86_64.rpm
97a832f2d7ca0fe9a9784d2ed9800533 corporate/4.0/x86_64/tcllib-8.4.11-1.3.20060mlcs4.x86_64.rpm
1829edd678990445ddf160f1ba7953d3 corporate/4.0/x86_64/tclx-8.4.11-1.3.20060mlcs4.x86_64.rpm
16851058602125ff6b2a34ca0732ffb9 corporate/4.0/x86_64/tix-8.4.11-1.3.20060mlcs4.x86_64.rpm
094fb75804cd0458f073c41561f3b0e7 corporate/4.0/x86_64/tk-8.4.11-1.3.20060mlcs4.x86_64.rpm
07140ab293a0f8bbd2e85bd89b489fd5 corporate/4.0/SRPMS/tcltk-8.4.11-1.3.20060mlcs4.src.rpm

Historique

2008-03-06 : Version Initiale

Recevez les bulletins FrSIRT

Le service FrSIRT VNS permet aux professionnels de la sécurité (RSSI, DSI, administrateurs et consultants) de recevoir en temps-réel, par email, SMS et flux RSS/XML, des bulletins de vulnérabilités complets, détaillés et personnalisés.

Recherche

Newsletter

	Apple Mac OS X Code Execution Vulnerabilities
	Apple iPhone and iPod touch Multiple Code Execution Vulnerabilities
	Apple Xcode Code Execution and Information Disclosure Vulnerabilities
	Apple TV Data Processing Remote Code Execution Vulnerabilities
	Apple Mac OS X Command Execution Vulnerabilities
	Apple Safari for Mac OS X Remote Code Execution Vulnerability
	Apple Mac OS X ARDAgent Local Privilege Escalation Vulnerability

	IBM AIX "swcons" Insecure Permission Privilege Escalation Vulnerability
	IBM WebSphere Application Server Cross Site Scripting Vulnerability
	IBM DB2 CLR Stored Procedures Unspecified Vulnerability
	IBM Lotus Quickr Multiple Cross Site Scripting Vulnerabilities
	IBM WebSphere Portal Remote Authentication Bypass Vulnerability
	IBM Rational ClearQuest Login Page Cross Site Scripting Vulnerability
	IBM WebSphere Application Server Security Exposure Vulnerabilities

	Cisco PIX and ASA Information Disclosure and DoS Vulnerabilities
	Cisco Secure ACS EAP Remote Denial Of Service Vulnerability
	Cisco Products Remote DNS Cache Poisoning Vulnerability
	Cisco Wide Area Application Services CUPS Remote Vulnerability
	Cisco UCM Denial of Service and Authentication Bypass Vulnerabilities
	Cisco Intrusion Prevention System Jumbo Frame Vulnerability
	Cisco VPN Client Deterministic Network Enhancer Privilege Escalation