exploit the possibilities

Mandriva Linux Security Advisory 2012-129

Mandriva Linux Security Advisory 2012-129
Posted Aug 11, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-129 - The decompress function in ncompress allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via crafted data that leads to a buffer underflow. A missing DHCP option checking / sanitization flaw was reported for multiple DHCP clients. This flaw may allow DHCP server to trick DHCP clients to set e.g. system hostname to a specially crafted value containing shell special characters. Various scripts assume that hostname is trusted, which may lead to code execution when hostname is specially crafted. Additionally for Mandriva Enterprise Server 5 various problems in the ka-deploy and uClibc packages was discovered and fixed with this advisory. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, arbitrary, shell, code execution
systems | linux, mandriva
advisories | CVE-2006-1168, CVE-2011-2716
SHA-256 | 741a2545d765d1e9854cdcbf178dc20b6ca0f8fc1357ad76b6a268fa5cadabc4

Mandriva Linux Security Advisory 2012-129

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2012:129
http://www.mandriva.com/security/
_______________________________________________________________________

Package : busybox
Date : August 10, 2012
Affected: 2011., Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

Multiple vulnerabilities was found and corrected in busybox:

The decompress function in ncompress allows remote attackers to cause
a denial of service (crash), and possibly execute arbitrary code,
via crafted data that leads to a buffer underflow (CVE-2006-1168).

A missing DHCP option checking / sanitization flaw was reported for
multiple DHCP clients. This flaw may allow DHCP server to trick DHCP
clients to set e.g. system hostname to a specially crafted value
containing shell special characters. Various scripts assume that
hostname is trusted, which may lead to code execution when hostname
is specially crafted (CVE-2011-2716).

Additionally for Mandriva Enterprise Server 5 various problems in
the ka-deploy and uClibc packages was discovered and fixed with
this advisory.

The updated packages have been patched to correct these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1168
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2716
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2011:
7eda839ab0451b3069b4c7b462c3c7e6 2011/i586/busybox-1.18.4-3.1-mdv2011.0.i586.rpm
afc5b858baba240a8daf311281982fa2 2011/i586/busybox-static-1.18.4-3.1-mdv2011.0.i586.rpm
71526f79bfe8499fea0d77dfe0a252fd 2011/SRPMS/busybox-1.18.4-3.1.src.rpm

Mandriva Linux 2011/X86_64:
ffe0b7192163d7c57ae0ebf639472610 2011/x86_64/busybox-1.18.4-3.1-mdv2011.0.x86_64.rpm
9a80e96e5b018373f8cc7313718993ff 2011/x86_64/busybox-static-1.18.4-3.1-mdv2011.0.x86_64.rpm
71526f79bfe8499fea0d77dfe0a252fd 2011/SRPMS/busybox-1.18.4-3.1.src.rpm

Mandriva Enterprise Server 5:
b934b1ea4a3507d5792fc2b98ece457b mes5/i586/busybox-1.6.1-5.1mdvmes5.2.i586.rpm
b2cafe1f5d4736d8f756fed5b860954d mes5/i586/ka-deploy-server-0.94.4-0.2mdvmes5.2.i586.rpm
4cdee19ce25eff46f32867b0987808e5 mes5/i586/ka-deploy-source-node-0.94.4-0.2mdvmes5.2.i586.rpm
090681e425343f32afdcfc45ccfc38ed mes5/i586/uClibc-0.9.28.1-5.1mdvmes5.2.i586.rpm
28e514241585b879386fbca310b47b9e mes5/i586/uClibc-devel-0.9.28.1-5.1mdvmes5.2.i586.rpm
b38a4038cc558b690834eb3523dcdf7e mes5/i586/uClibc-static-devel-0.9.28.1-5.1mdvmes5.2.i586.rpm
d9426a5f52e3e0cc44fc020b057e26e1 mes5/SRPMS/busybox-1.6.1-5.1mdvmes5.2.src.rpm
572e853960052b860bb871e57252ad6f mes5/SRPMS/ka-deploy-0.94.4-0.2mdvmes5.2.src.rpm
fa74d4032e7f3cc87ca7d75f18e11a61 mes5/SRPMS/uClibc-0.9.28.1-5.1mdvmes5.2.src.rpm

Mandriva Enterprise Server 5/X86_64:
f941396521694b20340da46dfc711212 mes5/x86_64/busybox-1.6.1-5.1mdvmes5.2.x86_64.rpm
08686bc10a646f07778b4ae9b64431b8 mes5/x86_64/ka-deploy-server-0.94.4-0.2mdvmes5.2.x86_64.rpm
321dc65777647855b61afb01f24b9478 mes5/x86_64/ka-deploy-source-node-0.94.4-0.2mdvmes5.2.x86_64.rpm
000bb5e649837c746584092d7990b2ad mes5/x86_64/uClibc-0.9.28.1-5.1mdvmes5.2.x86_64.rpm
90ff537b9b6f9403fa1e75d5c2accbde mes5/x86_64/uClibc-devel-0.9.28.1-5.1mdvmes5.2.x86_64.rpm
3fcfb13393f23c67083f2406ae6ad8c5 mes5/x86_64/uClibc-static-devel-0.9.28.1-5.1mdvmes5.2.x86_64.rpm
d9426a5f52e3e0cc44fc020b057e26e1 mes5/SRPMS/busybox-1.6.1-5.1mdvmes5.2.src.rpm
572e853960052b860bb871e57252ad6f mes5/SRPMS/ka-deploy-0.94.4-0.2mdvmes5.2.src.rpm
fa74d4032e7f3cc87ca7d75f18e11a61 mes5/SRPMS/uClibc-0.9.28.1-5.1mdvmes5.2.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFQJSHEmqjQ0CJFipgRAiGSAJ98naeq+Y0bXviIIvDhKdipDqSQ4wCdHMBA
09ereRjH0OzNcue9Hiq8sqg=
=FpbS
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close