French Security Incident Response Team

FrSIRT   

      

   français French  anglais English

 
Vulnerability Notification Service
 FrSIRT Partner Program
 14-Day Free Trial
Contact FrSIRT Sales Dept.
 

Security Advisories
Linux Security Advisories
Virus and Threats Advisories
Latest Security News
Latest Zero Day Threats
Advisories and vulnerabilities by Vendor
Advisories and vulnerabilities by Keyword
 

Report a security incident
Report a new vulnerability
Security Mailinglist
 

Our Company
FrSIRT in the News
Advertise on FrSIRT.COM
Security Researchers and Exploit Writers Jobs
Contact Us

Fedora Security Update Fixes Mono Big Integer Buffer Overflow Issue

Title : Fedora Security Update Fixes Mono Big Integer Buffer Overflow Issue
Advisory ID : FrSIRT/ADV-2007-3833
CVE ID : CVE-2007-5197
Rated as : Moderate Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-11-12

Advisory Details
 
  Description
  Affected Products
  Solution
  References
Technical Description    Receive FrSIRT alerts in a Text format  Receive FrSIRT alerts in a PDF format  Receive FrSIRT alerts in an XML format  Receive FrSIRT notifications by SMS 

A vulnerability has been identified in Fedora, which could be exploited by attackers to cause a denial of service or execute arbitrary code [...]

Solution

Upgrade the affected packages :

e8931aaf4aa34715cd9ca9e08f58d99b6d6e15af mono-nunit-1.2.3-5.fc7.i386.rpm
b510205ca7387d913fb780131649d0cf86843103 mono-debuginfo-1.2.3-5.fc7.i386.rpm
eabb2570638963619c030bf707928a85895edc0a mono-data-sqlite-1.2.3-5.fc7.i386.rpm
2f40ca70453f3c47fe08419845dc5101c6699a2e mono-data-oracle-1.2.3-5.fc7.i386.rpm
c1762f153cc1b824093ee641c552bf49857b8d30 mono-core-1.2.3-5.fc7.i386.rpm
3d0586f1c5c6586c5ff589ed3298f3bbc4fc5057 ibm-data-db2-1.2.3-5.fc7.i386.rpm
210b5db69d3af2ee83c02545902e82425eab81d7 mono-data-1.2.3-5.fc7.i386.rpm
649d3d4b5567232b8b505a6feb91e79e59558da2 bytefx-data-mysql-1.2.3-5.fc7.i386.rpm
b6287ffd2e4ce1412fd23c8a2f8bcfa67654599c mono-jscript-1.2.3-5.fc7.i386.rpm
5bfdf12dd20ab6fe12f411066587c9978e60e7b9 mono-nunit-devel-1.2.3-5.fc7.i386.rpm
28fee93e10ceeb35e64578e1119f717af4b0459a mono-devel-1.2.3-5.fc7.i386.rpm
382d76d0222050d76181ddcb84b9b91858a40433 mono-data-postgresql-1.2.3-5.fc7.i386.rpm
c373ed2b24635cfc86ab15bba7feb4805387146b mono-data-sybase-1.2.3-5.fc7.i386.rpm
41499828cf93e36dc4fd7fd37b5fc055d328a430 mono-web-1.2.3-5.fc7.i386.rpm
a114c0598357e2e197b7720457bb151559706a38 mono-winforms-1.2.3-5.fc7.i386.rpm
7e853ce74247c495ae8101854814acfbdeea1a9c mono-extras-1.2.3-5.fc7.i386.rpm
ec6c81c807ff0abffa6047b0154e75eac1171355 mono-locale-extras-1.2.3-5.fc7.i386.rpm
62b0f655de5489917a80e3e4e32b6acc42b55102 mono-data-firebird-1.2.3-5.fc7.i386.rpm
32f41355e5601ed100b38dd31a03a8f409156fee mono-jscript-1.2.3-5.fc7.x86_64.rpm
8c361def00bc3625b82becb122d43b7ec90547a8 mono-devel-1.2.3-5.fc7.x86_64.rpm
88372414ea9483e948e8c4c6e88738aa024b7b97 mono-data-oracle-1.2.3-5.fc7.x86_64.rpm
93faac394741adb74bbeda63c57d6b29f639b710 mono-data-postgresql-1.2.3-5.fc7.x86_64.rpm
da1e5e381939cebbf55983ac2ae0f6c6a9f56f1e ibm-data-db2-1.2.3-5.fc7.x86_64.rpm
d5d6bb98de3e1c5409527be38479b7e29238c30c mono-data-sqlite-1.2.3-5.fc7.x86_64.rpm
c885ae480912b6723b7ddff66f18b2dde8454be8 mono-winforms-1.2.3-5.fc7.x86_64.rpm
0f2ee3a6262a28a18aaf69a2336ed141a0b8753f mono-web-1.2.3-5.fc7.x86_64.rpm
9d0264391312dedf6cf680bd72a0f9733b7959dc mono-nunit-1.2.3-5.fc7.x86_64.rpm
6a33cd49c6256ba930b3c0f8ff8dfbed60657757 mono-extras-1.2.3-5.fc7.x86_64.rpm
8dc64d418e6d0ffd8c984ca1b448ca729fbfb9bd mono-debuginfo-1.2.3-5.fc7.x86_64.rpm
de62a56b1cef09e78f1c644fb9adf551e8982a86 mono-core-1.2.3-5.fc7.x86_64.rpm
8cfa61058644eae50d566906ebe3d91a2591a40c mono-locale-extras-1.2.3-5.fc7.x86_64.rpm
35ed8f8340ec72c6220e0564aeaac65df62149d9 mono-data-firebird-1.2.3-5.fc7.x86_64.rpm
91aae6bd8a0e1d9305665c4cb64c1361ed43bc32 mono-nunit-devel-1.2.3-5.fc7.x86_64.rpm
c81d557d1e0b4a3be1b31a11124fd1bb55664ff0 mono-data-1.2.3-5.fc7.x86_64.rpm
939edac6412e361d2236a18bfb322011697c013e bytefx-data-mysql-1.2.3-5.fc7.x86_64.rpm
177bc151729e96cba03dfbadb5a9e59520d18989 mono-data-sybase-1.2.3-5.fc7.x86_64.rpm
13e849291b9fa432ad2b7d4010bd5f6516dcba37 mono-data-sybase-1.2.3-5.fc7.ppc.rpm
1c70fa592afbdc90be9600b428113e43174cec00 mono-locale-extras-1.2.3-5.fc7.ppc.rpm
4b67b9c70816e83c5b79ae902586e15c30b16057 mono-data-sqlite-1.2.3-5.fc7.ppc.rpm
e22bc73083697bfaacd167c101c631a5f0eab49a mono-extras-1.2.3-5.fc7.ppc.rpm
3b0fab14f43a1711830649877be3824f0bb750d8 ibm-data-db2-1.2.3-5.fc7.ppc.rpm
ebf9a98bac90eb4bb4ad8c7164923397aaa5052f mono-devel-1.2.3-5.fc7.ppc.rpm
b5166ccb8424c1e48bff896004f97ffb6a987d52 mono-data-postgresql-1.2.3-5.fc7.ppc.rpm
20c5eb8242ddbfa1f8a0756d156ae645868e4198 mono-winforms-1.2.3-5.fc7.ppc.rpm
1e480c0ae13a84bfb9abcf441f232632446e5c36 mono-debuginfo-1.2.3-5.fc7.ppc.rpm
53a9416fa092113f436872e02d67bc26261b6c60 mono-data-oracle-1.2.3-5.fc7.ppc.rpm
88eca6929a84573beca7be02346a5073959a6a2f mono-core-1.2.3-5.fc7.ppc.rpm
63df288a250307f407531356f3776684a039420c mono-jscript-1.2.3-5.fc7.ppc.rpm
66bd4e6f8f60af13dc7760a0b2e4ad96e628f7c4 bytefx-data-mysql-1.2.3-5.fc7.ppc.rpm
d693dce4fffc9c7e0aaf84f7f3804133bf266c6e mono-data-1.2.3-5.fc7.ppc.rpm
86634dcba7b53c87c181e6ff1880150deda7bc95 mono-web-1.2.3-5.fc7.ppc.rpm
b7c2f6e24fb364f2df1f3d340af0d69e8a4ad72d mono-nunit-devel-1.2.3-5.fc7.ppc.rpm
b72af7b41b98dec76ba71ce0a7dbf0f8e37ac00d mono-nunit-1.2.3-5.fc7.ppc.rpm
4f86fccbe2b6d55317acc35d0d8642807b43db9b mono-data-firebird-1.2.3-5.fc7.ppc.rpm
dcb30b96239a8dafb51b214ffa787ac2734abdad mono-1.2.3-5.fc7.src.rpm

ChangeLog

2007-11-12 : Initial release

Vulnerability Management

Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.
 
 

Search
      

Mailinglist
    
 

Sun Solaris System Management Agent Buffer Overflow Vulnerability

Sun Update Fixes Mozilla Thunderbird Multiple Vulnerabilities

Sun Java JDK and JRE Code Execution and Security Bypass Issues

Sun Solaris DNS Protocol Remote Cache Poisoning Vulnerability

Sun Solaris Tomcat JSP/Servlet Container Multiple Vulnerabilities

Sun Java System Access Manager XSLT Code Execution Vulnerability

Sun Solaris 10 Adobe Reader Multiple Code Execution Vulnerabilities

Apple iPhone and iPod touch Multiple Code Execution Vulnerabilities

Apple Xcode Code Execution and Information Disclosure Vulnerabilities

Apple TV Data Processing Remote Code Execution Vulnerabilities

Apple Mac OS X Command Execution and Security Bypass Issues

Apple Safari for Mac OS X Remote Code Execution Vulnerability

Apple Mac OS X ARDAgent Local Privilege Escalation Vulnerability

Apple Safari Code Execution and Information Disclosure Vulnerabilities

Oracle Products Multiple Code Execution and Security Bypass Issues

Oracle Products Command Execution and SQL Injection Vulnerabilities

Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities

Oracle Database "PITRIG_DROPMETADATA" Buffer Overflow Vulnerability

Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities

Oracle JInitiator ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities

Oracle Products Multiple Remote Command Execution and SQL Injection Vulnerabilities

Copyright 2003-2008 © FrSIRT.COM - Privacy Policy