French Security Incident Response Team

FrSIRT   

      

   français French  anglais English

 
Vulnerability Notification Service
 FrSIRT Partner Program
 14-Day Free Trial
Contact FrSIRT Sales Dept.
 

Security Advisories
Linux Security Advisories
Virus and Threats Advisories
Latest Security News
Latest Zero Day Threats
Advisories and vulnerabilities by Vendor
Advisories and vulnerabilities by Keyword
 

Report a security incident
Report a new vulnerability
Security Mailinglist
 

Our Company
FrSIRT in the News
Advertise on FrSIRT.COM
Security Researchers and Exploit Writers Jobs
Contact Us

Fedora Security Update Fixes Mono Big Integer Buffer Overflow Issue

Title : Fedora Security Update Fixes Mono Big Integer Buffer Overflow Issue
Advisory ID : FrSIRT/ADV-2007-3792
CVE ID : CVE-2007-5197
Rated as : Moderate Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-11-08

Advisory Details
 
  Description
  Affected Products
  Solution
  References
Technical Description    Receive FrSIRT alerts in a Text format  Receive FrSIRT alerts in a PDF format  Receive FrSIRT alerts in an XML format  Receive FrSIRT notifications by SMS 

A vulnerability has been identified in Fedora, which could be exploited by attackers to cause a denial of service or execute arbitrary code [...]

Solution

Upgrade the affected packages :

30e9a54bffd812dfce9e54fccf52a46d218c9afe mono-core-1.2.5.1-2.fc8.i386.rpm
23b9b478ca7181b3eb757ccd8d2ffbd5a0c0d144 mono-data-sybase-1.2.5.1-2.fc8.i386.rpm
a3095e845476b9f6661b3ea1e5585ca213da557b mono-winforms-1.2.5.1-2.fc8.i386.rpm
934073a06d0d2ac72bc482a9afc5a3de52f81a5e mono-nunit-devel-1.2.5.1-2.fc8.i386.rpm
bbf814fabcfeb0513aed9b373d0ccaadddb0c9a3 ibm-data-db2-1.2.5.1-2.fc8.i386.rpm
d2a5ddf41fd8399a780daf951f85ef9345f69094 mono-data-postgresql-1.2.5.1-2.fc8.i386.rpm
89aecd9ed001ef846f2f4ffbd2d53b586d5e46c3 mono-data-1.2.5.1-2.fc8.i386.rpm
e8cbe8d96d063daefc6dd5b95c5f18aeffcb3082 mono-data-sqlite-1.2.5.1-2.fc8.i386.rpm
4dbd3237e110fa25b28ca331238b5e15eae8f647 mono-web-1.2.5.1-2.fc8.i386.rpm
7a68156e655ac338f2eb8bdb552fa647892a182d mono-data-firebird-1.2.5.1-2.fc8.i386.rpm
18be7cbe1d80d33791299c5e772efc14225bf192 mono-data-oracle-1.2.5.1-2.fc8.i386.rpm
589957aecb51720c18c09a21708334a185442f3d mono-jscript-1.2.5.1-2.fc8.i386.rpm
8efc2ce911bb2dd7c1848de4a5c2a73f0e4fad87 mono-debuginfo-1.2.5.1-2.fc8.i386.rpm
b31516b7a5f4eb82ca9bf494ba850c968953a149 mono-nunit-1.2.5.1-2.fc8.i386.rpm
c291f97fafe40a530cc19561c32ab94e07d942da bytefx-data-mysql-1.2.5.1-2.fc8.i386.rpm
46f6cc460d7a1eceef178ba52321f6d39ec36ab4 mono-locale-extras-1.2.5.1-2.fc8.i386.rpm
1f50e1b6662ddee1610e0c350cad02ce8fc87044 mono-devel-1.2.5.1-2.fc8.i386.rpm
be07d2216c953839bc01976589f4db65dd60a9f8 mono-extras-1.2.5.1-2.fc8.i386.rpm
548ed63f1fb0d3c1ddaf416c5d32bf662c82b962 mono-data-sqlite-1.2.5.1-2.fc8.x86_64.rpm
8e62a7ceb5afbfbaf92e0fc046fc3ddacb015645 mono-data-sybase-1.2.5.1-2.fc8.x86_64.rpm
e755690eee8bbbe74395c37ba7d511ccdedd577b mono-data-postgresql-1.2.5.1-2.fc8.x86_64.rpm
b47b57886cca4c33665146c883ecd1187bc989e9 mono-debuginfo-1.2.5.1-2.fc8.x86_64.rpm
fdd3694e1658d0bdb8334513f94fb5281f107279 mono-data-firebird-1.2.5.1-2.fc8.x86_64.rpm
85785d0848859da30767e513aee052c615942048 mono-nunit-devel-1.2.5.1-2.fc8.x86_64.rpm
7a3ef7297a1490e932710d28aae9d09d384694d5 mono-data-1.2.5.1-2.fc8.x86_64.rpm
d5e3da09ae873b31d1b58d2ec5d70c85d5d542c7 mono-web-1.2.5.1-2.fc8.x86_64.rpm
7a041e30072414f8b46550df6cd56c0dbdf93776 mono-winforms-1.2.5.1-2.fc8.x86_64.rpm
7bf2d0264a4c47b0911820b1d338ba2a7e78e2c6 mono-jscript-1.2.5.1-2.fc8.x86_64.rpm
6b079a8a3a9fef087e49f0b24d95c9a15e65d8c3 mono-core-1.2.5.1-2.fc8.x86_64.rpm
28a11f8cb1299c679f5c093f78d74775ad22ce52 bytefx-data-mysql-1.2.5.1-2.fc8.x86_64.rpm
f8ddc2c2f015fd04a7dcb87735ec4887701e3dc0 mono-nunit-1.2.5.1-2.fc8.x86_64.rpm
173237e7db2e9bc6c4bf732ce3cdfe74dd3e30ea mono-extras-1.2.5.1-2.fc8.x86_64.rpm
80940cbb45c0d7e8cddda3983e1a53e57f2aa1b5 mono-locale-extras-1.2.5.1-2.fc8.x86_64.rpm
b0a773c0a6a45d1b1bd86e1878b87df36bd7e16c ibm-data-db2-1.2.5.1-2.fc8.x86_64.rpm
83471927e123c892d30ee403a6e35792d44a1957 mono-data-oracle-1.2.5.1-2.fc8.x86_64.rpm
5d3694140cc008db0eb89135399d445e32b481c9 mono-devel-1.2.5.1-2.fc8.x86_64.rpm
2887f320e0765c77e0f3f88c24a970543b46b9d4 mono-data-sybase-1.2.5.1-2.fc8.ppc.rpm
69b2c93fd19bfcc30f3e24775bc995c44e0824a5 mono-debuginfo-1.2.5.1-2.fc8.ppc.rpm
830c4d6e2fc0cc8fdd78a4e2e22b7a80bf68d8fe mono-nunit-1.2.5.1-2.fc8.ppc.rpm
9dbadf8c29bb60b68ab1651215a9d8b3d8cb6201 bytefx-data-mysql-1.2.5.1-2.fc8.ppc.rpm
903d4f1ab314e74af92294072266f7bac905a4e3 mono-data-sqlite-1.2.5.1-2.fc8.ppc.rpm
f7e5070dbe03200128e0446c9d1a26ac096146e4 mono-data-1.2.5.1-2.fc8.ppc.rpm
4f724cf72a6412999b7ef8b0ed92369b75c670df mono-extras-1.2.5.1-2.fc8.ppc.rpm
cd18ee2315d278339ebf681b9c79307902fe0d0e mono-data-firebird-1.2.5.1-2.fc8.ppc.rpm
a5b882d3ef8e01b47ac7495d2dd5d5ea8b8e068a mono-locale-extras-1.2.5.1-2.fc8.ppc.rpm
79231255c163d45b9a83fbcbada2100cf3c8eb48 mono-jscript-1.2.5.1-2.fc8.ppc.rpm
51d9914ef423aff8f3db41234ed813e12b28b710 mono-core-1.2.5.1-2.fc8.ppc.rpm
7584b1e4a501576dd46c4edef11a3ef10086c55a mono-data-oracle-1.2.5.1-2.fc8.ppc.rpm
1903da4f0489223502d463e30df8c53fdcc31a3d mono-nunit-devel-1.2.5.1-2.fc8.ppc.rpm
506ab6a87309bcdfd301cf34a16130477a87f360 ibm-data-db2-1.2.5.1-2.fc8.ppc.rpm
6cffa18dc757c0a5a5edde74534f9ed3102f4231 mono-web-1.2.5.1-2.fc8.ppc.rpm
143428748a4113ccdb1b5f4a01e22e2ab66a03d7 mono-data-postgresql-1.2.5.1-2.fc8.ppc.rpm
641a5040767d24dba2048bf3bbf48f425913660d mono-winforms-1.2.5.1-2.fc8.ppc.rpm
5360d4c9b9d606e24ec006ebbedf90a1afbfdd78 mono-devel-1.2.5.1-2.fc8.ppc.rpm
111a1c9d3ca5261aa9e87d832f2e03bece755c51 mono-1.2.5.1-2.fc8.src.rpm

ChangeLog

2007-11-08 : Initial release

Vulnerability Management

Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.
 
 

Search
      

Mailinglist
    
 

Microsoft Office Word Document Handling Code Execution Vulnerability

Microsoft SQL Server Privilege Escalation Vulnerabilities (MS08-040)

Microsoft Exchange Server Cross Site Scripting Issues (MS08-039)

Microsoft Windows Explorer Remote Code Execution (MS08-038)

Microsoft Windows Multiple DNS Spoofing Vulnerabilities (MS08-037)

Microsoft Access Snapshot Viewer ActiveX Control Vulnerability

Microsoft Internet Explorer Frame Cross-Domain Scripting Vulnerability

Cisco Products Remote DNS Cache Poisoning Vulnerability

Cisco Wide Area Application Services CUPS Remote Vulnerability

Cisco UCM Denial of Service and Authentication Bypass Vulnerabilities

Cisco Intrusion Prevention System Jumbo Frame Vulnerability

Cisco VPN Client Deterministic Network Enhancer Privilege Escalation

Cisco Products SNMPv3 Authentication Packets Vulnerabilities

Cisco PIX and ASA Security Bypass and Denial of Service

IBM WebSphere Application Server Security Exposure Vulnerabilities

IBM AIX DNS Transaction ID Remote Cache Poisoning Vulnerability

IBM Tivoli Directory Server Entry Handling Double-Free Vulnerability

IBM AFP Viewer Plug-In "SRC" Property Buffer Overflow Vulnerability

IBM Hardware Management Console Cross Site Scripting Vulnerabilities

IBM OS/400 BrSmRcvAndCheck Local Buffer Overflow Vulnerability

IBM DB2 Multiple Buffer Overflow and Security Bypass Vulnerabilities

Copyright 2003-2008 © FrSIRT.COM - Privacy Policy