exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2012-086

Mandriva Linux Security Advisory 2012-086
Posted Jun 1, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-086 - acpid.c in acpid before 2.0.9 does not properly handle a situation in which a process has connected to acpid.socket but is not reading any data, which allows local users to cause a denial of service (daemon hang) via a crafted application that performs a connect system call but no read system calls. The updated packages have been patched to correct this issue.

tags | advisory, denial of service, local
systems | linux, mandriva
advisories | CVE-2011-1159
SHA-256 | c15d0e46cdada2dd1ae45af5a6bbb6ddf79e09ac03522b855d89fba15026903b

Mandriva Linux Security Advisory 2012-086

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2012:086
http://www.mandriva.com/security/
_______________________________________________________________________

Package : acpid
Date : May 31, 2012
Affected: 2010.1, Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

A vulnerability has been discovered and corrected in acpid:

acpid.c in acpid before 2.0.9 does not properly handle a situation in
which a process has connected to acpid.socket but is not reading any
data, which allows local users to cause a denial of service (daemon
hang) via a crafted application that performs a connect system call
but no read system calls (CVE-2011-1159).

The updated packages have been patched to correct this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1159
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2010.1:
2f102719ee28b4be284c3c5803e8b888 2010.1/i586/acpid-2.0.4-2.1mnb2.i586.rpm
d30539481c1b5cbfad4b6b7a45ef6d98 2010.1/SRPMS/acpid-2.0.4-2.1mnb2.src.rpm

Mandriva Linux 2010.1/X86_64:
be6b6a6e82edbb180dbd2c7e129868d7 2010.1/x86_64/acpid-2.0.4-2.1mnb2.x86_64.rpm
d30539481c1b5cbfad4b6b7a45ef6d98 2010.1/SRPMS/acpid-2.0.4-2.1mnb2.src.rpm

Mandriva Enterprise Server 5:
a4c36c404bd3bff4a237ff311f3b2097 mes5/i586/acpid-1.0.6-6.3mnb2.i586.rpm
a66af7665f9a19c078ddcda8df99c3cf mes5/SRPMS/acpid-1.0.6-6.3mnb2.src.rpm

Mandriva Enterprise Server 5/X86_64:
b0f73a601200b450fd60ed8468fae652 mes5/x86_64/acpid-1.0.6-6.3mnb2.x86_64.rpm
a66af7665f9a19c078ddcda8df99c3cf mes5/SRPMS/acpid-1.0.6-6.3mnb2.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFPxycJmqjQ0CJFipgRArBuAJ9lq6IQe0tBd4Pypr/1SrIDcNMiOACgyDrm
YPk+5dMkfj6mjRp9gJzaMkg=
=NfHl
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close