exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Secunia Security Advisory 32335

Secunia Security Advisory 32335
Posted Oct 22, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for qemu. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, debian
SHA-256 | ad99b2a99e9208e677be41c43115374fab8b855bd4516eb01e92edcf0d376d9a

Secunia Security Advisory 32335

Change Mirror Download
----------------------------------------------------------------------

Do you need accurate and reliable IDS / IPS / AV detection rules?

Get in-depth vulnerability details:
http://secunia.com/binary_analysis/sample_analysis/

----------------------------------------------------------------------

TITLE:
Debian update for qemu

SECUNIA ADVISORY ID:
SA32335

VERIFY ADVISORY:
http://secunia.com/advisories/32335/

CRITICAL:
Less critical

IMPACT:
Privilege escalation

WHERE:
Local system

OPERATING SYSTEM:
Debian GNU/Linux 4.0
http://secunia.com/advisories/product/13844/
Debian GNU/Linux unstable alias sid
http://secunia.com/advisories/product/530/

DESCRIPTION:
Debian has issued an update for qemu. This fixes a vulnerability,
which can be exploited by malicious, local users to perform certain
actions with escalated privileges.

The vulnerability is caused due to temporary files being created
insecurely and can be exploited to e.g. overwrite arbitrary files via
symlink attacks.

SOLUTION:
Apply updated packages.

-- Debian GNU/Linux 4.0 alias etch --

Source archives:

http://security.debian.org/pool/updates/main/q/qemu/qemu_0.8.2-4etch2.dsc
Size/MD5 checksum: 1130 fd503742c9e3e64be60f8ff265f05edc
http://security.debian.org/pool/updates/main/q/qemu/qemu_0.8.2.orig.tar.gz
Size/MD5 checksum: 1501979 312eebc1386cca2e9b30a40763ab9c0d
http://security.debian.org/pool/updates/main/q/qemu/qemu_0.8.2-4etch2.diff.gz
Size/MD5 checksum: 65528 6b47c99fa9e0e99e4af47d5417bc497b

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/q/qemu/qemu_0.8.2-4etch2_amd64.deb
Size/MD5 checksum: 3697974 1e88b4385a82864d386fe57608c8617a

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/q/qemu/qemu_0.8.2-4etch2_i386.deb
Size/MD5 checksum: 3676128 cd73888cc1915af94792085994b946e3

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/q/qemu/qemu_0.8.2-4etch2_powerpc.deb
Size/MD5 checksum: 3578592 86133e0b1804cc53f78f8eb71779a337

-- Debian GNU/Linux unstable alias sid --

Fixed in version 0.9.1-6

ORIGINAL ADVISORY:
DSA-1657-1:
http://www.us.debian.org/security/2008/dsa-1657

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close