---------------------------------------------------------------------- BETA test the new Secunia Personal Software Inspector! The Secunia PSI detects installed software on your computer and categorises it as either Insecure, End-of-Life, or Up-To-Date. Effectively enabling you to focus your attention on software installations where more secure versions are available from the vendors. Download the free PSI BETA from the Secunia website: https://psi.secunia.com/ ---------------------------------------------------------------------- TITLE: Trustix Update for Multiple Packages SECUNIA ADVISORY ID: SA26231 VERIFY ADVISORY: http://secunia.com/advisories/26231/ CRITICAL: Highly critical IMPACT: Security Bypass, Spoofing, Privilege escalation, DoS, System access WHERE: >From remote OPERATING SYSTEM: Trustix Secure Linux 2.2 http://secunia.com/product/4641/ DESCRIPTION: Trustix has issued an update for multiple packages. This fixes some vulnerabilities and a weakness, which can be exploited by malicious, local users to bypass certain security restrictions, and by malicious people to bypass certain security restrictions, gain escalated privileges, poison the DNS cache, cause a DoS (Denial of Service), and potentially compromise a user's system. For more information: SA24678 SA24824 SA25378 SA25456 SA25829 SA26038 SA26104 SA26135 SA26152 SOLUTION: Apply updated packages. d3c601bd616c19da0da2180e7029cc2c 2.2/rpms/bind-9.3.4-3tr.i586.rpm ba5ab37e1c1f98b73ecf7988cafafc10 2.2/rpms/bind-devel-9.3.4-3tr.i586.rpm c5173096b50c73537bc149a24074ab47 2.2/rpms/bind-libs-9.3.4-3tr.i586.rpm ec8157264cccbe97f111647682625ed0 2.2/rpms/bind-light-9.3.4-3tr.i586.rpm e58d3dac7a5ed83a33291dc0493d07fc 2.2/rpms/bind-light-devel-9.3.4-3tr.i586.rpm 701f16b002778ca84844b85d2adff688 2.2/rpms/bind-utils-9.3.4-3tr.i586.rpm d0f1c9fb436123f8d0a9d7e1af85c885 2.2/rpms/clamav-0.91-1tr.i586.rpm f296443ddff0566e9d474643ff33b962 2.2/rpms/clamav-devel-0.91-1tr.i586.rpm 3f9a03adaa1171d960cdbfe08ea6795b 2.2/rpms/curl-7.15.3-3tr.i586.rpm 5332054611bdba805908521670783b96 2.2/rpms/curl-devel-7.15.3-3tr.i586.rpm 60489eeffd8bf5958fde66628a343974 2.2/rpms/mod_perl-2.0.0-5tr.i586.rpm dd0202812215babf987e20525ec940db 2.2/rpms/mod_perl-devel-2.0.0-5tr.i586.rpm 5f1b350a7ea7ef3d7964259a179ebb3a 2.2/rpms/perl-net-dns-0.48-3tr.i586.rpm 6e4d88ef05463a6895bded9a04d6c417 2.2/rpms/php-5.2.3-1tr.i586.rpm df38a5edbb2d8d5836173206fb4aa51e 2.2/rpms/php-cli-5.2.3-1tr.i586.rpm b7358a367b60569d7198fea6d3d0f0cd 2.2/rpms/php-curl-5.2.3-1tr.i586.rpm 335875d9db23623630c8e7a2f7ff6b35 2.2/rpms/php-devel-5.2.3-1tr.i586.rpm f445894ec53b9b0d7ec69c38e37db59f 2.2/rpms/php-exif-5.2.3-1tr.i586.rpm 6dfbf73af362155eb654b3bbf5900fe2 2.2/rpms/php-fcgi-5.2.3-1tr.i586.rpm 79dc33da7ef677c44241b4985acd6e0f 2.2/rpms/php-gd-5.2.3-1tr.i586.rpm ac208d692c6868c07d787b72405b77ec 2.2/rpms/php-imap-5.2.3-1tr.i586.rpm 281562426b06aaa035569925354b08a3 2.2/rpms/php-ldap-5.2.3-1tr.i586.rpm 3aceb6b5e05e0949959a90f762172c6a 2.2/rpms/php-mcrypt-5.2.3-1tr.i586.rpm 7dc951138c0d5abf8a8437eec57d734e 2.2/rpms/php-mhash-5.2.3-1tr.i586.rpm 698e5c3b296094a84600673439a8ba2e 2.2/rpms/php-mssql-5.2.3-1tr.i586.rpm f76695798ecf9f0c3c4005e309a97010 2.2/rpms/php-mysql-5.2.3-1tr.i586.rpm 063183e965f09e8c0581d4a21c31accb 2.2/rpms/php-mysqli-5.2.3-1tr.i586.rpm f04605d40bfed9290308d47c3464ac0c 2.2/rpms/php-openssl-5.2.3-1tr.i586.rpm 227afb0b6004cd4e07d2e276cc639b34 2.2/rpms/php-pdo-mysql-5.2.3-1tr.i586.rpm 5854d898328e4446c3d4b36e7b454695 2.2/rpms/php-pdo-sqlite-5.2.3-1tr.i586.rpm eed1a233aef2fdddd4d1961b2bc2a7c2 2.2/rpms/php-pgsql-5.2.3-1tr.i586.rpm 9ef05f267ba75169f28298783372a8ad 2.2/rpms/php-sqlite-5.2.3-1tr.i586.rpm c20518aaa32dd4b9b2f906c96c99b0c8 2.2/rpms/php-zlib-5.2.3-1tr.i586.rpm f9031f0f637cabfbf0113743a5d1ac8d 2.2/rpms/tcpdump-3.8.3-4tr.i586.rpm ORIGINAL ADVISORY: http://www.trustix.org/errata/2007/0023/ OTHER REFERENCES: SA24678: http://secunia.com/advisories/24678/ SA24824: http://secunia.com/advisories/24824/ SA25378: http://secunia.com/advisories/25378/ SA25456: http://secunia.com/advisories/25456/ SA25829: http://secunia.com/advisories/25829/ SA26038: http://secunia.com/advisories/26038/ SA26104: http://secunia.com/advisories/26104/ SA26135: http://secunia.com/advisories/26135/ SA26152: http://secunia.com/advisories/26152/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------