French Security Incident Response Team

FrSIRT   

      

   français French  anglais English

 
Vulnerability Notification Service
 FrSIRT Partner Program
 14-Day Free Trial
Contact FrSIRT Sales Dept.
 

Security Advisories
Linux Security Advisories
Virus and Threats Advisories
Latest Security News
Latest Zero Day Threats
Advisories and vulnerabilities by Vendor
Advisories and vulnerabilities by Keyword
 

Report a security incident
Report a new vulnerability
Security Mailinglist
 

Our Company
FrSIRT in the News
Advertise on FrSIRT.COM
Security Researchers and Exploit Writers Jobs
Contact Us

Mandriva Security Update Fixes Kernel Privilege Escalation and DoS

Title : Mandriva Security Update Fixes Kernel Privilege Escalation and DoS
Advisory ID : FrSIRT/ADV-2008-0516
CVE ID : CVE-2007-5500 - CVE-2007-5501 - CVE-2007-6206 - CVE-2008-0001 - CVE-2008-0007 - CVE-2008-0600
Rated as : Moderate Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2008-02-13

Advisory Details
 
  Description
  Affected Products
  Solution
  References
Technical Description    Receive FrSIRT alerts in a Text format  Receive FrSIRT alerts in a PDF format  Receive FrSIRT alerts in an XML format  Receive FrSIRT notifications by SMS 

Multiple vulnerabilities have been identified in Mandriva, which could be exploited by attackers or malicious users to bypass security restrictions, disclose sensitive information or cause a denial of service [...]

Solution

Upgrade the affected packages :

Mandriva Linux 2008.0:
7b5ceca8ce64708f377eeb71c0e10e23 2008.0/i586/kernel-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
55a44ed6c80c19aefa92cb24c778151b 2008.0/i586/kernel-desktop-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
c90ef43a4399b90601f4ce83d000c912 2008.0/i586/kernel-desktop-devel-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
ba4506fa31394301727cdec372dd11eb 2008.0/i586/kernel-desktop-devel-latest-2.6.22.18-1mdv2008.0.i586.rpm
9767bf67321d55a35472e47500cf9bef 2008.0/i586/kernel-desktop-latest-2.6.22.18-1mdv2008.0.i586.rpm
eef0f77e0ce9097e04ff83d767d185cc 2008.0/i586/kernel-desktop586-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
6faffa5511ee8b5e91e741936dc8a454 2008.0/i586/kernel-desktop586-devel-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
53e7bee334003b342a15132bed12023b 2008.0/i586/kernel-desktop586-devel-latest-2.6.22.18-1mdv2008.0.i586.rpm
394a534e170c43d1b55b6708a924f95d 2008.0/i586/kernel-desktop586-latest-2.6.22.18-1mdv2008.0.i586.rpm
003f0d7e3b64edaac3ae3dede01e4e87 2008.0/i586/kernel-doc-2.6.22.18-1mdv2008.0.i586.rpm
3410c9d62fb9f2364f159f519ddc9ef1 2008.0/i586/kernel-laptop-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
3a8426442dbb91d18c6684f4ef22efa8 2008.0/i586/kernel-laptop-devel-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
958f4be00ad9df4466629774fa926887 2008.0/i586/kernel-laptop-devel-latest-2.6.22.18-1mdv2008.0.i586.rpm
7bb1033745587e8b9a5069b61c316c76 2008.0/i586/kernel-laptop-latest-2.6.22.18-1mdv2008.0.i586.rpm
ebe2489f7f1357e246563fabea2401ae 2008.0/i586/kernel-server-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
a6be151dbc9c40b4e3ca181e64f76475 2008.0/i586/kernel-server-devel-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
c70a9e6846d383ada63d65730d5bbf5a 2008.0/i586/kernel-server-devel-latest-2.6.22.18-1mdv2008.0.i586.rpm
3c80910bc870474990439b2a24a2ccf1 2008.0/i586/kernel-server-latest-2.6.22.18-1mdv2008.0.i586.rpm
9be418acd2c39224c341f4c0fcd9c3ce 2008.0/i586/kernel-source-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
a616addeb5cf234668b26ccf4a4cc7bd 2008.0/i586/kernel-source-latest-2.6.22.18-1mdv2008.0.i586.rpm
d3419624d951fbdb358849a60639efbf 2008.0/SRPMS/kernel-2.6.22.18-1mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
a043c2596652edf905109924045103da 2008.0/x86_64/kernel-2.6.22.18-1mdv-1-1mdv2008.0.x86_64.rpm
f8921ac78c1acfc6bbd9b03a9676d315 2008.0/x86_64/kernel-desktop-2.6.22.18-1mdv-1-1mdv2008.0.x86_64.rpm
61a39804f6460a7f087c6ae7695aacce 2008.0/x86_64/kernel-desktop-devel-2.6.22.18-1mdv-1-1mdv2008.0.x86_64.rpm
505d6b320b4f9feef2d40f1c8e537035 2008.0/x86_64/kernel-desktop-devel-latest-2.6.22.18-1mdv2008.0.x86_64.rpm
bb8a829cd780094992161f92d94bd2c8 2008.0/x86_64/kernel-desktop-latest-2.6.22.18-1mdv2008.0.x86_64.rpm
23bb1b9557c46cbc52770a20c8ba81b1 2008.0/x86_64/kernel-doc-2.6.22.18-1mdv2008.0.x86_64.rpm
f7edfd597fc01cef7c0bfdf3bf0e7315 2008.0/x86_64/kernel-laptop-2.6.22.18-1mdv-1-1mdv2008.0.x86_64.rpm
208f863d0cce2262ee099daa250605e2 2008.0/x86_64/kernel-laptop-devel-2.6.22.18-1mdv-1-1mdv2008.0.x86_64.rpm
cbe57c60ec79096f9f2b9ae3ebb26ab5 2008.0/x86_64/kernel-laptop-devel-latest-2.6.22.18-1mdv2008.0.x86_64.rpm
add09ce293fd8c7605c3b49c5990ab92 2008.0/x86_64/kernel-laptop-latest-2.6.22.18-1mdv2008.0.x86_64.rpm
b8125bfe9b765e8281e30a667a2c501c 2008.0/x86_64/kernel-server-2.6.22.18-1mdv-1-1mdv2008.0.x86_64.rpm
dfaa2aedd25d8f9f91939c9e1e0247d6 2008.0/x86_64/kernel-server-devel-2.6.22.18-1mdv-1-1mdv2008.0.x86_64.rpm
cb703b65dd2b935737183562509130a6 2008.0/x86_64/kernel-server-devel-latest-2.6.22.18-1mdv2008.0.x86_64.rpm
27e6fd0a49b49952aa164be304a491b3 2008.0/x86_64/kernel-server-latest-2.6.22.18-1mdv2008.0.x86_64.rpm
38644d73897d971d4bdca8e8a71ac962 2008.0/x86_64/kernel-source-2.6.22.18-1mdv-1-1mdv2008.0.x86_64.rpm
f21aef3923cdd51c3444add2e97fc0d6 2008.0/x86_64/kernel-source-latest-2.6.22.18-1mdv2008.0.x86_64.rpm
d3419624d951fbdb358849a60639efbf 2008.0/SRPMS/kernel-2.6.22.18-1mdv2008.0.src.rpm

ChangeLog

2008-02-13 : Initial release

Vulnerability Management

Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.
 
 

Search
      

Mailinglist
    
 

Microsoft Visual Studio "Msmask32" Code Execution Vulnerability

Microsoft PowerPoint Command Execution Vulnerabilities (MS08-051)

Microsoft Windows Messenger Data Disclosure (MS08-050)

Microsoft Windows Event System Code Execution (MS08-049)

Microsoft Outlook and Mail Security Bypass Vulnerability (MS08-048)

Microsoft Windows IPsec Policy Data Disclosure Vulnerability (MS08-047)

Microsoft Windows MSCMS Code Execution Vulnerability (MS08-046)

Apple Mac OS X Code Execution and Security Bypass Vulnerabilities

Apple iPhone and iPod touch Multiple Code Execution Vulnerabilities

Apple Xcode Code Execution and Information Disclosure Vulnerabilities

Apple TV Data Processing Remote Code Execution Vulnerabilities

Apple Mac OS X Command Execution and Security Bypass Issues

Apple Safari for Mac OS X Remote Code Execution Vulnerability

Apple Mac OS X ARDAgent Local Privilege Escalation Vulnerability

IBM AIX "swcons" Insecure Permission Privilege Escalation Vulnerability

IBM WebSphere Application Server Cross Site Scripting Vulnerability

IBM DB2 CLR Stored Procedures Unspecified Vulnerability

IBM Lotus Quickr Multiple Cross Site Scripting Vulnerabilities

IBM WebSphere Portal Remote Authentication Bypass Vulnerability

IBM Rational ClearQuest Login Page Cross Site Scripting Vulnerability

IBM WebSphere Application Server Security Exposure Vulnerabilities

Copyright 2003-2008 © FrSIRT.COM - Privacy Policy