FrSIRT - Trustix Security Update Fixes Multiple Remote and Local Vulnerabilities / Exploit (Security Advisories)

French Security Incident Response Team

French

English

Trustix Security Update Fixes Multiple Remote and Local Vulnerabilities

Title : Trustix Security Update Fixes Multiple Remote and Local Vulnerabilities
Advisory ID : FrSIRT/ADV-2006-0380
CVE ID : CVE-2005-3624 - CVE-2005-3625 - CVE-2005-3626 - CVE-2005-3627 - CVE-2005-3656 - CVE-2005-4158 - CVE-2005-4348 - CVE-2006-0162
Rated as : Critical

Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-01-31

Advisory Details

Description

Affected Products

Solution

References

Technical Description

Trustix has released updated packages to address multiple security vulnerabilities identified in clamav, cups, fetchmail, mod_auth_pgsql and sudo [...]

Solution

Upgrade the affected packages :

ftp://ftp.trustix.org/pub/trustix/updates/

c4054d2f4cd71398414e998cc284d59a 3.0/rpms/clamav-0.88-1tr.i586.rpm
8bd316759f4d2bcf7f02416ba6940a9b 3.0/rpms/clamav-devel-0.88-1tr.i586.rpm
5e0710e5ea16f2e1275d44bf457f75dc 3.0/rpms/cups-1.1.23-11tr.i586.rpm
e3620b786bedf32c448e2a39dcb157e6 3.0/rpms/cups-devel-1.1.23-11tr.i586.rpm
b38886f3c90753ac58e0232c9bb58571 3.0/rpms/cups-libs-1.1.23-11tr.i586.rpm
824b16f362cc986645dfd3f5d9ac4550 3.0/rpms/cups-samba-1.1.23-11tr.i586.rpm
7422c1de49b6ccd89d876238d7005317 3.0/rpms/fetchmail-6.2.5.5-1tr.i586.rpm
c5171f6d58768c65a86d7185eb3d9d40 3.0/rpms/mod_auth_pgsql-2.0.3-1tr.i586.rpm
1bf904fee4e276445eb875702189f78a 3.0/rpms/sudo-1.6.8p9-3tr.i586.rpm

5a812456fff8b160a0431cd87be387ab 2.2/rpms/clamav-0.88-1tr.i586.rpm
df00ab8b447b4970cb93c801a35ebcff 2.2/rpms/clamav-devel-0.88-1tr.i586.rpm
52bfa93ec82d8587b8e4bbfac95108a4 2.2/rpms/cups-1.1.23-7tr.i586.rpm
790ea1fb94322873ca5ee91b1e0086bd 2.2/rpms/cups-devel-1.1.23-7tr.i586.rpm
f435ad4abb0c96947925a404d82be8e3 2.2/rpms/cups-libs-1.1.23-7tr.i586.rpm
a91491ec0fc827cb6dd55ad2fd0e943f 2.2/rpms/fetchmail-6.2.5.5-1tr.i586.rpm
03eebacbceda0a9133a30b094327521d 2.2/rpms/sudo-1.6.8p9-3tr.i586.rpm

ChangeLog

2006-01-31 : Initial release

Vulnerability Management

Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.

Mailinglist

	Cisco IOS/CatOS VLAN Trunking Protocol DoS Vulnerability
	Cisco PIX and ASA Security Bypass and Denial of Service
	Cisco Unity Security Bypass and Denial of Service
	Cisco UCM SIP Remote Denial of Service
	Cisco IOS Denial of Service and Security Bypass Vulnerabilities
	Cisco PIX and ASA Information Disclosure and DoS Vulnerabilities
	Cisco Secure ACS EAP Remote Denial Of Service Vulnerability

	Mozilla Products Code Execution and Security Bypass Vulnerabilities
	Mozilla Firefox Shortcut Handlingg Information Disclosure Vulnerability
	Mozilla Products Code Execution and Security Bypass Vulnerabilities
	Mozilla Firefox for Mac OS X GIF Rendering Code Execution Vulnerability
	Mozilla Products Remote Code Execution and Security Bypass Issues
	Mozilla Products Code Execution and Injection Vulnerabilities
	Mozilla JavaScript Garbage Collector Code Execution Vulnerability

	Microsoft XML Core Services Multiple Remote Vulnerabilities (MS08-069)
	Microsoft Windows SMB Credential Reflection Vulnerability (MS08-068)
	Microsoft Windows Server Service Vulnerability (MS08-067)
	Microsoft Windows "afd.sys" Privilege Escalation Vulnerability (MS08-066)
	Microsoft Windows MSMQ Code Execution Vulnerability (MS08-065)
	Microsoft Windows VADs Privilege Escalation Vulnerability (MS08-064)
	Microsoft Windows SMB Code Execution Vulnerability (MS08-063)