Mandriva Linux Security Advisory 2012-129 - The decompress function in ncompress allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via crafted data that leads to a buffer underflow. A missing DHCP option checking / sanitization flaw was reported for multiple DHCP clients. This flaw may allow DHCP server to trick DHCP clients to set e.g. system hostname to a specially crafted value containing shell special characters. Various scripts assume that hostname is trusted, which may lead to code execution when hostname is specially crafted. Additionally for Mandriva Enterprise Server 5 various problems in the ka-deploy and uClibc packages was discovered and fixed with this advisory. The updated packages have been patched to correct these issues.
741a2545d765d1e9854cdcbf178dc20b6ca0f8fc1357ad76b6a268fa5cadabc4
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2012:129
http://www.mandriva.com/security/
_______________________________________________________________________
Package : busybox
Date : August 10, 2012
Affected: 2011., Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities was found and corrected in busybox:
The decompress function in ncompress allows remote attackers to cause
a denial of service (crash), and possibly execute arbitrary code,
via crafted data that leads to a buffer underflow (CVE-2006-1168).
A missing DHCP option checking / sanitization flaw was reported for
multiple DHCP clients. This flaw may allow DHCP server to trick DHCP
clients to set e.g. system hostname to a specially crafted value
containing shell special characters. Various scripts assume that
hostname is trusted, which may lead to code execution when hostname
is specially crafted (CVE-2011-2716).
Additionally for Mandriva Enterprise Server 5 various problems in
the ka-deploy and uClibc packages was discovered and fixed with
this advisory.
The updated packages have been patched to correct these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1168
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2716
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2011:
7eda839ab0451b3069b4c7b462c3c7e6 2011/i586/busybox-1.18.4-3.1-mdv2011.0.i586.rpm
afc5b858baba240a8daf311281982fa2 2011/i586/busybox-static-1.18.4-3.1-mdv2011.0.i586.rpm
71526f79bfe8499fea0d77dfe0a252fd 2011/SRPMS/busybox-1.18.4-3.1.src.rpm
Mandriva Linux 2011/X86_64:
ffe0b7192163d7c57ae0ebf639472610 2011/x86_64/busybox-1.18.4-3.1-mdv2011.0.x86_64.rpm
9a80e96e5b018373f8cc7313718993ff 2011/x86_64/busybox-static-1.18.4-3.1-mdv2011.0.x86_64.rpm
71526f79bfe8499fea0d77dfe0a252fd 2011/SRPMS/busybox-1.18.4-3.1.src.rpm
Mandriva Enterprise Server 5:
b934b1ea4a3507d5792fc2b98ece457b mes5/i586/busybox-1.6.1-5.1mdvmes5.2.i586.rpm
b2cafe1f5d4736d8f756fed5b860954d mes5/i586/ka-deploy-server-0.94.4-0.2mdvmes5.2.i586.rpm
4cdee19ce25eff46f32867b0987808e5 mes5/i586/ka-deploy-source-node-0.94.4-0.2mdvmes5.2.i586.rpm
090681e425343f32afdcfc45ccfc38ed mes5/i586/uClibc-0.9.28.1-5.1mdvmes5.2.i586.rpm
28e514241585b879386fbca310b47b9e mes5/i586/uClibc-devel-0.9.28.1-5.1mdvmes5.2.i586.rpm
b38a4038cc558b690834eb3523dcdf7e mes5/i586/uClibc-static-devel-0.9.28.1-5.1mdvmes5.2.i586.rpm
d9426a5f52e3e0cc44fc020b057e26e1 mes5/SRPMS/busybox-1.6.1-5.1mdvmes5.2.src.rpm
572e853960052b860bb871e57252ad6f mes5/SRPMS/ka-deploy-0.94.4-0.2mdvmes5.2.src.rpm
fa74d4032e7f3cc87ca7d75f18e11a61 mes5/SRPMS/uClibc-0.9.28.1-5.1mdvmes5.2.src.rpm
Mandriva Enterprise Server 5/X86_64:
f941396521694b20340da46dfc711212 mes5/x86_64/busybox-1.6.1-5.1mdvmes5.2.x86_64.rpm
08686bc10a646f07778b4ae9b64431b8 mes5/x86_64/ka-deploy-server-0.94.4-0.2mdvmes5.2.x86_64.rpm
321dc65777647855b61afb01f24b9478 mes5/x86_64/ka-deploy-source-node-0.94.4-0.2mdvmes5.2.x86_64.rpm
000bb5e649837c746584092d7990b2ad mes5/x86_64/uClibc-0.9.28.1-5.1mdvmes5.2.x86_64.rpm
90ff537b9b6f9403fa1e75d5c2accbde mes5/x86_64/uClibc-devel-0.9.28.1-5.1mdvmes5.2.x86_64.rpm
3fcfb13393f23c67083f2406ae6ad8c5 mes5/x86_64/uClibc-static-devel-0.9.28.1-5.1mdvmes5.2.x86_64.rpm
d9426a5f52e3e0cc44fc020b057e26e1 mes5/SRPMS/busybox-1.6.1-5.1mdvmes5.2.src.rpm
572e853960052b860bb871e57252ad6f mes5/SRPMS/ka-deploy-0.94.4-0.2mdvmes5.2.src.rpm
fa74d4032e7f3cc87ca7d75f18e11a61 mes5/SRPMS/uClibc-0.9.28.1-5.1mdvmes5.2.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFQJSHEmqjQ0CJFipgRAiGSAJ98naeq+Y0bXviIIvDhKdipDqSQ4wCdHMBA
09ereRjH0OzNcue9Hiq8sqg=
=FpbS
-----END PGP SIGNATURE-----