French Security Incident Response Team

Termes et NomenclatureDéfinition des niveaux de risquesConfidentialité et Charte de confianceService FrSIRT VNS

FrSIRT   

      

   français Français   anglais English

 
Veille en vulnérabilités
FrSIRT VNS Publisher
Demande d'informations
Période d'essai gratuite
 

Bulletins et avis de vulnérabilités
Bulletins de sécurité et avis de vulnérabilités Linux
Virus & AlertesMenaces en temps réel / Blog Sécurité Informatique
Attaques Zero-day (0-jour)
Rechercher une vulnérabilité
 

Déclarer un incident de sécurité
Mailing liste Newsletter Sécurité informatique
 

A propos de FrSIRT / ADConsulting
Nos Clients & RéférencesFrSIRT Dans la presse
Espace Annonceurs
Offre d'emploi et stage Sécurité Informatique
Nous contacter

Mandriva Security Update Fixes Bzip2 Archive Handling Vulnerability

Date de Publication : 2008-03-25 © FrSIRT.COM
Titre : Mandriva Security Update Fixes Bzip2 Archive Handling Vulnerability
Identifiant : FrSIRT/AVIS-2008-0958
CVE ID : CVE-2008-1372
Risque : Bas (1/4) -
Exploitable à distance : Oui
Exploitable en local : Oui
 

En savoir plus
 
  Description
  Produits affectés
  Solution
  Références
Description Technique    TXT (Plain Text)  PDF (Portable Document Format)  XML (Extensible Markup Language)  SMS (Short Message Service) 

Une vulnérabilité a été identifiée dans Mandriva, elle pourrait être exploitée par des attaquants afin de causer un déni de service [...]

Solution

Installer les mises à jour :

Mandriva Linux 2007.0:
d7ec22e71581a3f3b8482d69a6310045 2007.0/i586/bzip2-1.0.3-6.1mdv2007.0.i586.rpm
6698bcb0d8e5e7c4af5d9577301a0d48 2007.0/i586/libbzip2_1-1.0.3-6.1mdv2007.0.i586.rpm
3558992b5f4f864d4d77d609c54455c6 2007.0/i586/libbzip2_1-devel-1.0.3-6.1mdv2007.0.i586.rpm
5f6aade9d8b336a05d676d17eb3d4d62 2007.0/SRPMS/bzip2-1.0.3-6.1mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64:
f8df805e9268ffe67cf1c2c212ef04d5 2007.0/x86_64/bzip2-1.0.3-6.1mdv2007.0.x86_64.rpm
58558f1cb97936b06b67c9c235c65517 2007.0/x86_64/lib64bzip2_1-1.0.3-6.1mdv2007.0.x86_64.rpm
009ba4b9c280c0d56e10f4e75f23bc94 2007.0/x86_64/lib64bzip2_1-devel-1.0.3-6.1mdv2007.0.x86_64.rpm
5f6aade9d8b336a05d676d17eb3d4d62 2007.0/SRPMS/bzip2-1.0.3-6.1mdv2007.0.src.rpm

Mandriva Linux 2007.1:
1389e0beda990aa84af7ae94793526b3 2007.1/i586/bzip2-1.0.4-1.1mdv2007.1.i586.rpm
9c7e8bfac1f7ac9f07bc050c3df6f8c1 2007.1/i586/libbzip2_1-1.0.4-1.1mdv2007.1.i586.rpm
e26e2d2a349f2d2544b476e3c27b7ba1 2007.1/i586/libbzip2_1-devel-1.0.4-1.1mdv2007.1.i586.rpm
ef241d50e1564d017eead857ba1bca68 2007.1/SRPMS/bzip2-1.0.4-1.1mdv2007.1.src.rpm

Mandriva Linux 2007.1/X86_64:
02f720b94ab3622adb12d27a9b0bcff8 2007.1/x86_64/bzip2-1.0.4-1.1mdv2007.1.x86_64.rpm
d7d70f134895fbf1c73148ff0b218d20 2007.1/x86_64/lib64bzip2_1-1.0.4-1.1mdv2007.1.x86_64.rpm
89b13bb16b9212513aa2b90405de07fa 2007.1/x86_64/lib64bzip2_1-devel-1.0.4-1.1mdv2007.1.x86_64.rpm
ef241d50e1564d017eead857ba1bca68 2007.1/SRPMS/bzip2-1.0.4-1.1mdv2007.1.src.rpm

Mandriva Linux 2008.0:
b20b1778b84d5862d273c93928ea3586 2008.0/i586/bzip2-1.0.4-2.1mdv2008.0.i586.rpm
e69979ee6cae516a3251ea277f0b41b3 2008.0/i586/libbzip2_1-1.0.4-2.1mdv2008.0.i586.rpm
9f871864bd0d87f383fa836a83c16739 2008.0/i586/libbzip2_1-devel-1.0.4-2.1mdv2008.0.i586.rpm
06bbfb1a27cfb8283cb54fec90877000 2008.0/SRPMS/bzip2-1.0.4-2.1mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
a5232c78a8556018adb3f777fd533e86 2008.0/x86_64/bzip2-1.0.4-2.1mdv2008.0.x86_64.rpm
3c58e84746fdd94f689f358692ef917e 2008.0/x86_64/lib64bzip2_1-1.0.4-2.1mdv2008.0.x86_64.rpm
66d7a3b544e5fda5c64af19e5ff1c117 2008.0/x86_64/lib64bzip2_1-devel-1.0.4-2.1mdv2008.0.x86_64.rpm
06bbfb1a27cfb8283cb54fec90877000 2008.0/SRPMS/bzip2-1.0.4-2.1mdv2008.0.src.rpm

Corporate 3.0:
197212b185073ae1cd28dfd6e962907c corporate/3.0/i586/bzip2-1.0.2-17.5.C30mdk.i586.rpm
566a9bc102a67b5979adab8490d72a3d corporate/3.0/i586/libbzip2_1-1.0.2-17.5.C30mdk.i586.rpm
03faec871e264e5e13ed7d3d4054effa corporate/3.0/i586/libbzip2_1-devel-1.0.2-17.5.C30mdk.i586.rpm
9e3a038f1824a3d294c1b58bcd5d8d2a corporate/3.0/SRPMS/bzip2-1.0.2-17.5.C30mdk.src.rpm

Corporate 3.0/X86_64:
e9137338bd9e2fec22cf34f8dd08e024 corporate/3.0/x86_64/bzip2-1.0.2-17.5.C30mdk.x86_64.rpm
8385be2baa4f10e47a9b0e382103281e corporate/3.0/x86_64/lib64bzip2_1-1.0.2-17.5.C30mdk.x86_64.rpm
aa724051a95ec66cfb1961ce532ba9af corporate/3.0/x86_64/lib64bzip2_1-devel-1.0.2-17.5.C30mdk.x86_64.rpm
9e3a038f1824a3d294c1b58bcd5d8d2a corporate/3.0/SRPMS/bzip2-1.0.2-17.5.C30mdk.src.rpm

Corporate 4.0:
43c2884e3f37d6cd36fdc7496ff095f8 corporate/4.0/i586/bzip2-1.0.3-1.3.20060mlcs4.i586.rpm
fa484966a13c0deb5d5a324c9e7bce03 corporate/4.0/i586/libbzip2_1-1.0.3-1.3.20060mlcs4.i586.rpm
0fb3793ebb134cfd0079624d16e2b7aa corporate/4.0/i586/libbzip2_1-devel-1.0.3-1.3.20060mlcs4.i586.rpm
63df10cb7218c2aaa90c92a64ef4fe7b corporate/4.0/SRPMS/bzip2-1.0.3-1.3.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
d93be85bc254492e1e9cffe621829915 corporate/4.0/x86_64/bzip2-1.0.3-1.3.20060mlcs4.x86_64.rpm
d58a247591e813b1a35288ac783cb923 corporate/4.0/x86_64/lib64bzip2_1-1.0.3-1.3.20060mlcs4.x86_64.rpm
dcb647a39aed74d14a9b5e855ffc9470 corporate/4.0/x86_64/lib64bzip2_1-devel-1.0.3-1.3.20060mlcs4.x86_64.rpm
63df10cb7218c2aaa90c92a64ef4fe7b corporate/4.0/SRPMS/bzip2-1.0.3-1.3.20060mlcs4.src.rpm

Multi Network Firewall 2.0:
195b188697db7d58b13eba19ad569276 mnf/2.0/i586/bzip2-1.0.2-17.5.M20mdk.i586.rpm
9ff6a10c830c15f31f88db7c7bb33f26 mnf/2.0/i586/libbzip2_1-1.0.2-17.5.M20mdk.i586.rpm
5a42f1d31bb7dab7d3e162dcf4af4c3c mnf/2.0/i586/libbzip2_1-devel-1.0.2-17.5.M20mdk.i586.rpm
d92e344fbd095e6f903385f0cace0bec mnf/2.0/SRPMS/bzip2-1.0.2-17.5.M20mdk.src.rpm

Historique

2008-03-25 : Version Initiale

Recevez les bulletins FrSIRT

Le service FrSIRT VNS permet aux professionnels de la sécurité (RSSI, DSI, administrateurs et consultants) de recevoir en temps-réel, par email, SMS et flux RSS/XML, des bulletins de vulnérabilités complets, détaillés et personnalisés.
 
 

Recherche    

      

Newsletter    

    
 

Oracle Products Multiple Code Execution Vulnerabilities

Oracle Products Command Execution and SQL Injection Vulnerabilities

Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities

Oracle Database "PITRIG_DROPMETADATA" Buffer Overflow Vulnerability

Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities

Oracle JInitiator ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities

Oracle Products Multiple Remote Command Execution and SQL Injection Vulnerabilities

Mozilla Firefox for Mac OS X GIF Rendering Code Execution Vulnerability

Mozilla Products Remote Code Execution Vulnerabilities

Mozilla Products Code Execution and Injection Vulnerabilities

Mozilla JavaScript Garbage Collector Code Execution Vulnerability

Mozilla Thunderbird Code Execution and Cross Site Scripting Issues

Mozilla Firefox and SeaMonkey Multiple Remote Code Execution Issues

Mozilla Thunderbird Multiple Security Bypass and Code Execution Issues

IBM AIX "swcons" Insecure Permission Privilege Escalation Vulnerability

IBM WebSphere Application Server Cross Site Scripting Vulnerability

IBM DB2 CLR Stored Procedures Unspecified Vulnerability

IBM Lotus Quickr Multiple Cross Site Scripting Vulnerabilities

IBM WebSphere Portal Remote Authentication Bypass Vulnerability

IBM Rational ClearQuest Login Page Cross Site Scripting Vulnerability

IBM WebSphere Application Server Security Exposure Vulnerabilities

  FrSIRT.COM © Tous droits réservés 2003-2008 - Notice Légale  sécurité informatique