
Advisories, May 24, 2006

Debian GNU/Linux


Debian Security Advisory DSA 1074-1                     security@debian.org
http://www.debian.org/security/                              Martin Schulze
May 24th, 2006                          http://www.debian.org/security/faq


Package : mpg123
Vulnerability : buffer overflow
Problem type : local (remote)
Debian-specific: no
CVE ID : CVE-2006-1655
BugTraq ID : 17365
Debian Bug : 361863

Alejandro Hernández discovered a vulnerability in mpg123,
a command-line player for MPEG audio files. Insufficient validation
of MPEG 2.0 layer 3 files results in several buffer overflows.

For the stable distribution (sarge) these problems have been
fixed in version 0.59r-20sarge1.

For the unstable distribution (sid) these problems have been
fixed in version 0.59r-22.

We recommend that you upgrade your mpg123 packages.

Upgrade Instructions

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.
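The manual path above (wget, then dpkg -i) skips a step a practitioner would want: comparing the downloaded file against the MD5 the advisory prints before handing it to dpkg. The script below is an added example, not part of the advisory or of Debian's tooling; the helper names file_md5, verify_md5 and fetch_verify_install are this script's own, and the URL and checksum in the commented invocation are the i386 mpg123 package from the list further down.

```shell
#!/bin/sh
# Added example (not from DSA 1074-1): download a package named in an
# advisory, compare its MD5 with the published value, and only then
# install it with dpkg. The helper names here are this script's own.
set -eu

# file_md5 FILE -> lowercase hex digest, using coreutils md5sum or,
# failing that, BSD md5.
file_md5() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | awk '{print $1}'
    else
        md5 -q "$1"
    fi
}

# verify_md5 FILE EXPECTED -> exit status 0 when the digest matches.
# The comparison is case-insensitive: advisories print lowercase hex,
# some tools print uppercase.
verify_md5() {
    actual=$(file_md5 "$1" | tr 'A-F' 'a-f')
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ "$actual" = "$expected" ]
}

# fetch_verify_install URL EXPECTED_MD5: download, verify, install.
# On a mismatch the file is left in place for inspection, dpkg is not
# run, and the function returns non-zero.
fetch_verify_install() {
    url=$1
    expected=$2
    file=$(basename "$url")
    wget -q -O "$file" "$url"
    if verify_md5 "$file" "$expected"; then
        echo "checksum ok: $file"
        dpkg -i "$file"
    else
        echo "CHECKSUM MISMATCH for $file: got $(file_md5 "$file"), expected $expected" >&2
        echo "not installing; fetch the package again from security.debian.org" >&2
        return 1
    fi
}

# Invocation for the i386 package listed in DSA 1074-1 (needs network
# access and root for dpkg); uncomment to run:
# fetch_verify_install \
#   http://security.debian.org/pool/updates/non-free/m/mpg123/mpg123_0.59r-20sarge1_i386.deb \
#   a072702eaf20b77fd0438ffeb28eede9
```

A matching MD5 shows the download arrived intact, which is what the advisory's checksums are for; it is not proof of origin, since MD5 collisions are practical. Authenticity comes from the GPG signature on the advisory mail and on the archive's Release files, which apt checks for you when you use the sources.list line at the end of the advisory.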

Debian GNU/Linux 3.1 alias sarge


Source archives:

    http://security.debian.org/pool/updates/non-free/m/mpg123/mpg123_0.59r-20sarge1.dsc
      Size/MD5 checksum: 751 ba026638de21be9fa5061056bd53a43d
    http://security.debian.org/pool/updates/non-free/m/mpg123/mpg123_0.59r-20sarge1.diff.gz
      Size/MD5 checksum: 41527 3119adeed1228f6bd10c3f7100a308e0
    http://security.debian.org/pool/updates/non-free/m/mpg123/mpg123_0.59r.orig.tar.gz
      Size/MD5 checksum: 159028 95df59ad1651dd2346d49fafc83747e7

Alpha architecture:

    http://security.debian.org/pool/updates/non-free/m/mpg123/mpg123_0.59r-20sarge1_alpha.deb
      Size/MD5 checksum: 124974 b9ea8480d28e09e27673072ade3021e3
    http://security.debian.org/pool/updates/non-free/m/mpg123/mpg123-esd_0.59r-20sarge1_alpha.deb
      Size/MD5 checksum: 124814 55e68e2a8a4ad452d9078d26550fcd3b

ARM architecture:

    http://security.debian.org/pool/updates/non-free/m/mpg123/mpg123_0.59r-20sarge1_arm.deb
      Size/MD5 checksum: 102068 82ab3c03fc9256ad5e5049152a8c00fc

Intel IA-32 architecture:

    http://security.debian.org/pool/updates/non-free/m/mpg123/mpg123_0.59r-20sarge1_i386.deb
      Size/MD5 checksum: 87160 a072702eaf20b77fd0438ffeb28eede9
    http://security.debian.org/pool/updates/non-free/m/mpg123/mpg123-esd_0.59r-20sarge1_i386.deb
      Size/MD5 checksum: 87232 54462dbc34ad9fbbfce90fec5608e79f
    http://security.debian.org/pool/updates/non-free/m/mpg123/mpg123-nas_0.59r-20sarge1_i386.deb
      Size/MD5 checksum: 90148 c4d04e08d4326ec2e734675922dd8f61
    http://security.debian.org/pool/updates/non-free/m/mpg123/mpg123-oss-3dnow_0.59r-20sarge1_i386.deb
      Size/MD5 checksum: 90392 e8166266d16a7f503547217a58d871bb
    http://security.debian.org/pool/updates/non-free/m/mpg123/mpg123-oss-i486_0.59r-20sarge1_i386.deb
      Size/MD5 checksum: 93850 e7b3d76e2e011f2f6e70630e0cb15737

HP Precision architecture:

    http://security.debian.org/pool/updates/non-free/m/mpg123/mpg123_0.59r-20sarge1_hppa.deb
      Size/MD5 checksum: 101702 5f04ef0d8a5ae5c30f3acdc0c00b0927

Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/non-free/m/mpg123/mpg123_0.59r-20sarge1_m68k.deb
      Size/MD5 checksum: 80232 e81a61a8c84c0a776655501b3cfff93c

PowerPC architecture:

    http://security.debian.org/pool/updates/non-free/m/mpg123/mpg123_0.59r-20sarge1_powerpc.deb
      Size/MD5 checksum: 96536 cf2cf30c6c4d4b912c4585979c823eab
    http://security.debian.org/pool/updates/non-free/m/mpg123/mpg123-esd_0.59r-20sarge1_powerpc.deb
      Size/MD5 checksum: 98058 04843c3a016782384e2dc5ae987a365d

Sun Sparc architecture:

    http://security.debian.org/pool/updates/non-free/m/mpg123/mpg123_0.59r-20sarge1_sparc.deb
      Size/MD5 checksum: 91586 3cc30d3290684dbce40e71acec6202ad

These files will probably be moved into the stable distribution
on its next update.


For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org

Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

Mandriva Linux


Mandriva Linux Security Advisory MDKSA-2006:087
http://www.mandriva.com/security/


Package : kernel
Date : May 24, 2006
Affected: 2006.0


Problem Description:

Memory corruption can be triggered remotely when the
ip_nat_snmp_basic module is loaded and traffic on port 161 or 162
is NATed.

The provided packages are patched to fix this vulnerability.
Users who may be running netfilter on important servers are
encouraged to upgrade to these updated kernels.

To update your kernel, please follow the directions located
at:

http://www.mandriva.com/en/security/kernelupdate


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2444


Updated Packages:

Mandriva Linux 2006.0:
4dc3aebce01743d22ccfdcf2d7e6be1c  2006.0/RPMS/kernel-2.6.12.22mdk-1-1mdk.i586.rpm
4df75974100f1d867b227f83aac9bc2e  2006.0/RPMS/kernel-BOOT-2.6.12.22mdk-1-1mdk.i586.rpm
7ad9ef00021f9e0938932014f22e4bba  2006.0/RPMS/kernel-i586-up-1GB-2.6.12.22mdk-1-1mdk.i586.rpm
44eae16e32239f239346e620cd0f7b15  2006.0/RPMS/kernel-i686-up-4GB-2.6.12.22mdk-1-1mdk.i586.rpm
e01abef21d8d14e6d6c879f56ebe684b  2006.0/RPMS/kernel-smp-2.6.12.22mdk-1-1mdk.i586.rpm
5d3826385c72a86a3ebcf564529d85b1  2006.0/RPMS/kernel-source-2.6-2.6.12-22mdk.i586.rpm
79586cea137b4d36658d3fd7b313ef8b  2006.0/RPMS/kernel-source-stripped-2.6-2.6.12-22mdk.i586.rpm
883243ea22ad7eb494b1546a4a390507  2006.0/RPMS/kernel-xbox-2.6.12.22mdk-1-1mdk.i586.rpm
4283b2f1fefe78b8459ffb3611fb1273  2006.0/RPMS/kernel-xen0-2.6.12.22mdk-1-1mdk.i586.rpm
eb25ea2db1336906f145cf20a84f29a6  2006.0/RPMS/kernel-xenU-2.6.12.22mdk-1-1mdk.i586.rpm
f34885d9d75928e9371f1ca3dd620fd3  2006.0/SRPMS/kernel-2.6.12.22mdk-1-1mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
94fc9062208f2bc8010f64070f505133  x86_64/2006.0/RPMS/kernel-2.6.12.22mdk-1-1mdk.x86_64.rpm
fad1ee518ba360420a9dc7f544ace3ee  x86_64/2006.0/RPMS/kernel-BOOT-2.6.12.22mdk-1-1mdk.x86_64.rpm
88d61abf3296793a136cc8c662030b34  x86_64/2006.0/RPMS/kernel-smp-2.6.12.22mdk-1-1mdk.x86_64.rpm
d57c2d28a28e66b2eafe716d22971619  x86_64/2006.0/RPMS/kernel-source-2.6-2.6.12-22mdk.x86_64.rpm
6c0ff6667a79390e8260d30ff7f2faa5  x86_64/2006.0/RPMS/kernel-source-stripped-2.6-2.6.12-22mdk.x86_64.rpm
f34885d9d75928e9371f1ca3dd620fd3  x86_64/2006.0/SRPMS/kernel-2.6.12.22mdk-1-1mdk.src.rpm


To upgrade automatically use MandrivaUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.

All packages are signed by Mandriva for security. You can obtain
the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com


Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com>


Mandriva Linux Security Advisory MDKSA-2006:088
http://www.mandriva.com/security/


Package : hostapd
Date : May 24, 2006
Affected: 10.2, 2006.0


Problem Description:

Hostapd 0.3.7 allows remote attackers to cause a denial of
service (segmentation fault) via an unspecified value in the
key_data_length field of an EAPoL frame.

Packages have been patched to correct this issue.


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2213


Updated Packages:

Mandriva Linux 10.2:
9154a5005bc66dae4528cd3008dbca09  10.2/RPMS/hostapd-0.3.7-2.1.102dk.i586.rpm
699e613fea4270c79ee1849d96f1ee03  10.2/SRPMS/hostapd-0.3.7-2.1.102dk.src.rpm

Mandriva Linux 10.2/X86_64:
810b867b9562b11ce4ecb6ab7e3bd352  x86_64/10.2/RPMS/hostapd-0.3.7-2.1.102dk.x86_64.rpm
699e613fea4270c79ee1849d96f1ee03  x86_64/10.2/SRPMS/hostapd-0.3.7-2.1.102dk.src.rpm

Mandriva Linux 2006.0:
4d85ab25bff640f3176c5bb55ddcc214  2006.0/RPMS/hostapd-0.3.7-2.1.20060mdk.i586.rpm
fe727611379d2f48798361d8d2be4bc1  2006.0/SRPMS/hostapd-0.3.7-2.1.20060mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
a1952ce345775472df1aa7636fd7b5cc  x86_64/2006.0/RPMS/hostapd-0.3.7-2.1.20060mdk.x86_64.rpm
fe727611379d2f48798361d8d2be4bc1  x86_64/2006.0/SRPMS/hostapd-0.3.7-2.1.20060mdk.src.rpm


To upgrade automatically use MandrivaUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.

All packages are signed by Mandriva for security. You can obtain
the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com


Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com>


Mandriva Linux Security Advisory MDKSA-2006:089
http://www.mandriva.com/security/


Package : kphone
Date : May 24, 2006
Affected: 2006.0


Problem Description:

Kphone creates .qt/kphonerc with world-readable permissions,
which allows local users to read usernames and SIP passwords.

Packages have been patched to correct this issue.
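Until the patched package is in place, the exposure described above is a file mode problem, and it can be checked and corrected locally. The script below is an added example, not part of MDKSA-2006:089 or of kphone: it reports whether a file is readable by the "other" class and, if so, restricts it to its owner. The helper names file_mode, is_world_readable, lock_down and check_kphonerc are this script's own; $HOME/.qt/kphonerc is the path the advisory names.

```shell
#!/bin/sh
# Added example (not from the advisory): detect a configuration file
# that other local users can read and tighten it to owner-only.
# Helper names are this script's own; the kphonerc path is from the advisory.
set -eu

# file_mode FILE -> permission bits in octal, e.g. 644
# (GNU stat first, BSD stat as fallback).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# is_world_readable FILE -> exit 0 when the "other" class has read permission.
is_world_readable() {
    mode=$(file_mode "$1")
    other=${mode#"${mode%?}"}     # last octal digit: permissions for "other"
    [ $(( other & 4 )) -ne 0 ]
}

# lock_down FILE: if FILE is world-readable, make it mode 600.
# Prints what it did so the run leaves an audit trail.
lock_down() {
    if is_world_readable "$1"; then
        chmod 600 "$1"
        echo "tightened $1 to mode 600"
    else
        echo "$1 is already not world-readable (mode $(file_mode "$1"))"
    fi
}

# check_kphonerc: apply lock_down to the file the advisory names, if present.
check_kphonerc() {
    f="${HOME}/.qt/kphonerc"
    if [ -f "$f" ]; then
        lock_down "$f"
    else
        echo "no $f on this system"
    fi
}

# Uncomment to run against the real file in your home directory:
# check_kphonerc
```

Tightening the mode stops other local users from reading the file from now on; it does not help if the credentials were already read, so the SIP password should be treated as exposed on any multi-user host where the file existed with the old permissions.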


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2442


Updated Packages:

Mandriva Linux 2006.0:
fca945c8a4e1237ab7b684256ee00f63  2006.0/RPMS/kphone-4.2-5.1.20060mdk.i586.rpm
bd5080d59632c0ae685376bfe2084b76  2006.0/SRPMS/kphone-4.2-5.1.20060mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
e109b023b0d240cead8eee2db6d3dcf1  x86_64/2006.0/RPMS/kphone-4.2-5.1.20060mdk.x86_64.rpm
bd5080d59632c0ae685376bfe2084b76  x86_64/2006.0/SRPMS/kphone-4.2-5.1.20060mdk.src.rpm


To upgrade automatically use MandrivaUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.

All packages are signed by Mandriva for security. You can obtain
the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com


Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com>

Red Hat Linux


Red Hat Security Advisory

Synopsis: Important: kernel security update
Advisory ID: RHSA-2006:0493-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0493.html

Issue date: 2006-05-24
Updated on: 2006-05-24
Product: Red Hat Enterprise Linux
Keywords: nahant kernel update
Obsoletes: RHSA-2006:0132
CVE Names: CVE-2005-2973 CVE-2005-3272 CVE-2005-3359 CVE-2006-0555
CVE-2006-0741 CVE-2006-0744 CVE-2006-1522 CVE-2006-1525
CVE-2006-1527 CVE-2006-1528 CVE-2006-1855 CVE-2006-1856
CVE-2006-1862 CVE-2006-1864 CVE-2006-2271 CVE-2006-2272
CVE-2006-2274


1. Summary:

Updated kernel packages that fix several security issues in the
Red Hat Enterprise Linux 4 kernel are now available.

This security advisory has been rated as having important
security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64

3. Problem description:

The Linux kernel handles the basic functions of the operating
system.

These new kernel packages contain fixes for the security issues
described below:

  • a flaw in the IPv6 implementation that allowed a local user to
    cause a denial of service (infinite loop and crash) (CVE-2005-2973,
    important)
  • a flaw in the bridge implementation that allowed a remote user
    to cause forwarding of spoofed packets via poisoning of the
    forwarding table with already dropped frames (CVE-2005-3272,
    moderate)
  • a flaw in the atm module that allowed a local user to cause a
    denial of service (panic) via certain socket calls (CVE-2005-3359,
    important)
  • a flaw in the NFS client implementation that allowed a local
    user to cause a denial of service (panic) via O_DIRECT writes
    (CVE-2006-0555, important)
  • a difference in “sysretq” operation of EM64T (as opposed to
    Opteron) processors that allowed a local user to cause a denial of
    service (crash) upon return from certain system calls
    (CVE-2006-0741 and CVE-2006-0744, important)
  • a flaw in the keyring implementation that allowed a local user
    to cause a denial of service (OOPS) (CVE-2006-1522, important)
  • a flaw in IP routing implementation that allowed a local user
    to cause a denial of service (panic) via a request for a route for
    a multicast IP (CVE-2006-1525, important)
  • a flaw in the SCTP-netfilter implementation that allowed a
    remote user to cause a denial of service (infinite loop)
    (CVE-2006-1527, important)
  • a flaw in the sg driver that allowed a local user to cause a
    denial of service (crash) via a dio transfer to memory mapped
    (mmap) IO space (CVE-2006-1528, important)
  • a flaw in the threading implementation that allowed a local
    user to cause a denial of service (panic) (CVE-2006-1855,
    important)
  • two missing LSM hooks that allowed a local user to bypass the
    LSM by using readv() or writev() (CVE-2006-1856, moderate)
  • a flaw in the virtual memory implementation that allowed a local
    user to cause a denial of service (panic) by using the lsof command
    (CVE-2006-1862, important)
  • a directory traversal vulnerability in smbfs that allowed a
    local user to escape chroot restrictions for an SMB-mounted
    filesystem via “..” sequences (CVE-2006-1864, moderate)
  • a flaw in the ECNE chunk handling of SCTP that allowed a remote
    user to cause a denial of service (panic) (CVE-2006-2271,
    moderate)
  • a flaw in the handling of COOKIE_ECHO and HEARTBEAT control
    chunks of SCTP that allowed a remote user to cause a denial of
    service (panic) (CVE-2006-2272, moderate)
  • a flaw in the handling of DATA fragments of SCTP that allowed a
    remote user to cause a denial of service (infinite recursion and
    crash) (CVE-2006-2274, moderate)

All Red Hat Enterprise Linux 4 users are advised to upgrade
their kernels to the packages associated with their machine
architectures and configurations as listed in this erratum.

4. Solution:

Before applying this update, make sure that all
previously-released errata relevant to your system have been
applied. Use Red Hat Network to download and update your packages.
To launch the Red Hat Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to
the following Web page for the System Administration or
Customization guide specific to your system:

    http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

168791 - CVE-2006-1528 Possible local crash by dio/mmap sg driver
170772 - CVE-2005-2973 ipv6 infinite loop
171383 - CVE-2005-3272 bridge poisoning
175769 - CVE-2005-3359 incorrect increment/decrement in atm module leads to panic
181795 - CVE-2006-0555 NFS client panic using O_DIRECT
183489 - CVE-2006-0741 bad elf entry address (CVE-2006-0744)
187841 - CVE-2006-1855 Old thread debugging causes false BUG() in choose_new_parent
188466 - CVE-2006-1522 DoS/bug in keyring code (security/keys/)
189260 - CVE-2006-1862 The lsof command triggers a kernel oops under heavy load
189346 - CVE-2006-1525 ip_route_input() panic
189435 - CVE-2006-1864 smbfs chroot issue
190460 - CVE-2006-1527 netfilter/sctp: lockup in sctp_new()
191201 - CVE-2006-2271 SCTP ECNE chunk handling DoS
191202 - CVE-2006-2272 SCTP incoming COOKIE_ECHO and HEARTBEAT packets DoS
191258 - CVE-2006-2274 SCTP DATA fragments DoS
191524 - CVE-2006-1856 LSM missing readv/writev

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS:

ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kernel-2.6.9-34.0.1.EL.src.rpm
d43492e556689a0607d7bafd927024b7  kernel-2.6.9-34.0.1.EL.src.rpm

i386:
34813080d97fdd6f647fd7d4f809c7fc  kernel-2.6.9-34.0.1.EL.i686.rpm
c7518db018da32cf470378154154687d  kernel-debuginfo-2.6.9-34.0.1.EL.i686.rpm
e78b9ccc0c954cff7cb40e6f02b24674  kernel-devel-2.6.9-34.0.1.EL.i686.rpm
3c00e3363ab92e43224a3017fb7bb4a3  kernel-hugemem-2.6.9-34.0.1.EL.i686.rpm
861c261dc99531fecc8b90a579e3d406  kernel-hugemem-devel-2.6.9-34.0.1.EL.i686.rpm
ac1a65bd4766603619c7871c8454312d  kernel-smp-2.6.9-34.0.1.EL.i686.rpm
20bb2e56287af558784e341a22ecc899  kernel-smp-devel-2.6.9-34.0.1.EL.i686.rpm

ia64:
bb16d7851570a9973acc285b1c10d4c5  kernel-2.6.9-34.0.1.EL.ia64.rpm
b09b0d137ec1fe6f4362c3a278b4181e  kernel-debuginfo-2.6.9-34.0.1.EL.ia64.rpm
20207fbb33c783bad9de5c2d8d8b9a07  kernel-devel-2.6.9-34.0.1.EL.ia64.rpm
3a4a43172ab8119ffcec9a28abce6a69  kernel-largesmp-2.6.9-34.0.1.EL.ia64.rpm
58810e499bf182b64a4a11b2391e04b3  kernel-largesmp-devel-2.6.9-34.0.1.EL.ia64.rpm

noarch:
4969d66062c65e2f969a5b23f3d038fb  kernel-doc-2.6.9-34.0.1.EL.noarch.rpm

ppc:
50f16a3bc3db576300e8ed39b7e58696  kernel-2.6.9-34.0.1.EL.ppc64.rpm
40f0c5f7d16d02e70f7058572c59829d  kernel-2.6.9-34.0.1.EL.ppc64iseries.rpm
9c189ac2cd58ae5db8c6bc98858cf411  kernel-debuginfo-2.6.9-34.0.1.EL.ppc64.rpm
ed5ae1b541ca2147b6acfda916fb0524  kernel-debuginfo-2.6.9-34.0.1.EL.ppc64iseries.rpm
80b022ce31c0fd4fe94742f36e528d75  kernel-devel-2.6.9-34.0.1.EL.ppc64.rpm
65479dc320135ebefacb42c27ded8277  kernel-devel-2.6.9-34.0.1.EL.ppc64iseries.rpm
1e22096056638a03e4c473a0d0158268  kernel-largesmp-2.6.9-34.0.1.EL.ppc64.rpm
224188bba442a6b6109689afb7bba903  kernel-largesmp-devel-2.6.9-34.0.1.EL.ppc64.rpm

s390:
8ddc9750a621e3ea4142d1adfd06a5c5  kernel-2.6.9-34.0.1.EL.s390.rpm
390b94a99981c86375e2b5d7bc2d6084  kernel-debuginfo-2.6.9-34.0.1.EL.s390.rpm
ba2a9b707ce91af1e7ae817b726ed6c5  kernel-devel-2.6.9-34.0.1.EL.s390.rpm

s390x:
4bf39050d27a794cc1df5b3eb916484a  kernel-2.6.9-34.0.1.EL.s390x.rpm
ee55f330c834a2fd38f31759caec18e0  kernel-debuginfo-2.6.9-34.0.1.EL.s390x.rpm
e959fb20625849eccbd399958265fe84  kernel-devel-2.6.9-34.0.1.EL.s390x.rpm

x86_64:
055f1e2e0ec115d813792811018da5e6  kernel-2.6.9-34.0.1.EL.x86_64.rpm
2fe393eb2dea769a7c673658b85d3166  kernel-debuginfo-2.6.9-34.0.1.EL.x86_64.rpm
ab2acc3e78f549776c01be84b8aae710  kernel-devel-2.6.9-34.0.1.EL.x86_64.rpm
4c09ae42fe85e7fa0699cde07b163802  kernel-largesmp-2.6.9-34.0.1.EL.x86_64.rpm
3bb0bc6a400c3bd7faebe3070402f356  kernel-largesmp-devel-2.6.9-34.0.1.EL.x86_64.rpm
f11147d14d9f88a9760aa67af12d7d6c  kernel-smp-2.6.9-34.0.1.EL.x86_64.rpm
c411c259c433dd3fe50222a5a3ebc472  kernel-smp-devel-2.6.9-34.0.1.EL.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:

ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kernel-2.6.9-34.0.1.EL.src.rpm
d43492e556689a0607d7bafd927024b7  kernel-2.6.9-34.0.1.EL.src.rpm

i386:
34813080d97fdd6f647fd7d4f809c7fc  kernel-2.6.9-34.0.1.EL.i686.rpm
c7518db018da32cf470378154154687d  kernel-debuginfo-2.6.9-34.0.1.EL.i686.rpm
e78b9ccc0c954cff7cb40e6f02b24674  kernel-devel-2.6.9-34.0.1.EL.i686.rpm
3c00e3363ab92e43224a3017fb7bb4a3  kernel-hugemem-2.6.9-34.0.1.EL.i686.rpm
861c261dc99531fecc8b90a579e3d406  kernel-hugemem-devel-2.6.9-34.0.1.EL.i686.rpm
ac1a65bd4766603619c7871c8454312d  kernel-smp-2.6.9-34.0.1.EL.i686.rpm
20bb2e56287af558784e341a22ecc899  kernel-smp-devel-2.6.9-34.0.1.EL.i686.rpm

noarch:
4969d66062c65e2f969a5b23f3d038fb  kernel-doc-2.6.9-34.0.1.EL.noarch.rpm

x86_64:
055f1e2e0ec115d813792811018da5e6  kernel-2.6.9-34.0.1.EL.x86_64.rpm
2fe393eb2dea769a7c673658b85d3166  kernel-debuginfo-2.6.9-34.0.1.EL.x86_64.rpm
ab2acc3e78f549776c01be84b8aae710  kernel-devel-2.6.9-34.0.1.EL.x86_64.rpm
4c09ae42fe85e7fa0699cde07b163802  kernel-largesmp-2.6.9-34.0.1.EL.x86_64.rpm
3bb0bc6a400c3bd7faebe3070402f356  kernel-largesmp-devel-2.6.9-34.0.1.EL.x86_64.rpm
f11147d14d9f88a9760aa67af12d7d6c  kernel-smp-2.6.9-34.0.1.EL.x86_64.rpm
c411c259c433dd3fe50222a5a3ebc472  kernel-smp-devel-2.6.9-34.0.1.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:

ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kernel-2.6.9-34.0.1.EL.src.rpm
d43492e556689a0607d7bafd927024b7  kernel-2.6.9-34.0.1.EL.src.rpm

i386:
34813080d97fdd6f647fd7d4f809c7fc  kernel-2.6.9-34.0.1.EL.i686.rpm
c7518db018da32cf470378154154687d  kernel-debuginfo-2.6.9-34.0.1.EL.i686.rpm
e78b9ccc0c954cff7cb40e6f02b24674  kernel-devel-2.6.9-34.0.1.EL.i686.rpm
3c00e3363ab92e43224a3017fb7bb4a3  kernel-hugemem-2.6.9-34.0.1.EL.i686.rpm
861c261dc99531fecc8b90a579e3d406  kernel-hugemem-devel-2.6.9-34.0.1.EL.i686.rpm
ac1a65bd4766603619c7871c8454312d  kernel-smp-2.6.9-34.0.1.EL.i686.rpm
20bb2e56287af558784e341a22ecc899  kernel-smp-devel-2.6.9-34.0.1.EL.i686.rpm

ia64:
bb16d7851570a9973acc285b1c10d4c5  kernel-2.6.9-34.0.1.EL.ia64.rpm
b09b0d137ec1fe6f4362c3a278b4181e  kernel-debuginfo-2.6.9-34.0.1.EL.ia64.rpm
20207fbb33c783bad9de5c2d8d8b9a07  kernel-devel-2.6.9-34.0.1.EL.ia64.rpm
3a4a43172ab8119ffcec9a28abce6a69  kernel-largesmp-2.6.9-34.0.1.EL.ia64.rpm
58810e499bf182b64a4a11b2391e04b3  kernel-largesmp-devel-2.6.9-34.0.1.EL.ia64.rpm

noarch:
4969d66062c65e2f969a5b23f3d038fb  kernel-doc-2.6.9-34.0.1.EL.noarch.rpm

x86_64:
055f1e2e0ec115d813792811018da5e6  kernel-2.6.9-34.0.1.EL.x86_64.rpm
2fe393eb2dea769a7c673658b85d3166  kernel-debuginfo-2.6.9-34.0.1.EL.x86_64.rpm
ab2acc3e78f549776c01be84b8aae710  kernel-devel-2.6.9-34.0.1.EL.x86_64.rpm
4c09ae42fe85e7fa0699cde07b163802  kernel-largesmp-2.6.9-34.0.1.EL.x86_64.rpm
3bb0bc6a400c3bd7faebe3070402f356  kernel-largesmp-devel-2.6.9-34.0.1.EL.x86_64.rpm
f11147d14d9f88a9760aa67af12d7d6c  kernel-smp-2.6.9-34.0.1.EL.x86_64.rpm
c411c259c433dd3fe50222a5a3ebc472  kernel-smp-devel-2.6.9-34.0.1.EL.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:

ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kernel-2.6.9-34.0.1.EL.src.rpm
d43492e556689a0607d7bafd927024b7  kernel-2.6.9-34.0.1.EL.src.rpm

i386:
34813080d97fdd6f647fd7d4f809c7fc  kernel-2.6.9-34.0.1.EL.i686.rpm
c7518db018da32cf470378154154687d  kernel-debuginfo-2.6.9-34.0.1.EL.i686.rpm
e78b9ccc0c954cff7cb40e6f02b24674  kernel-devel-2.6.9-34.0.1.EL.i686.rpm
3c00e3363ab92e43224a3017fb7bb4a3  kernel-hugemem-2.6.9-34.0.1.EL.i686.rpm
861c261dc99531fecc8b90a579e3d406  kernel-hugemem-devel-2.6.9-34.0.1.EL.i686.rpm
ac1a65bd4766603619c7871c8454312d  kernel-smp-2.6.9-34.0.1.EL.i686.rpm
20bb2e56287af558784e341a22ecc899  kernel-smp-devel-2.6.9-34.0.1.EL.i686.rpm

ia64:
bb16d7851570a9973acc285b1c10d4c5  kernel-2.6.9-34.0.1.EL.ia64.rpm
b09b0d137ec1fe6f4362c3a278b4181e  kernel-debuginfo-2.6.9-34.0.1.EL.ia64.rpm
20207fbb33c783bad9de5c2d8d8b9a07  kernel-devel-2.6.9-34.0.1.EL.ia64.rpm
3a4a43172ab8119ffcec9a28abce6a69  kernel-largesmp-2.6.9-34.0.1.EL.ia64.rpm
58810e499bf182b64a4a11b2391e04b3  kernel-largesmp-devel-2.6.9-34.0.1.EL.ia64.rpm

noarch:
4969d66062c65e2f969a5b23f3d038fb  kernel-doc-2.6.9-34.0.1.EL.noarch.rpm

x86_64:
055f1e2e0ec115d813792811018da5e6  kernel-2.6.9-34.0.1.EL.x86_64.rpm
2fe393eb2dea769a7c673658b85d3166  kernel-debuginfo-2.6.9-34.0.1.EL.x86_64.rpm
ab2acc3e78f549776c01be84b8aae710  kernel-devel-2.6.9-34.0.1.EL.x86_64.rpm
4c09ae42fe85e7fa0699cde07b163802  kernel-largesmp-2.6.9-34.0.1.EL.x86_64.rpm
3bb0bc6a400c3bd7faebe3070402f356  kernel-largesmp-devel-2.6.9-34.0.1.EL.x86_64.rpm
f11147d14d9f88a9760aa67af12d7d6c  kernel-smp-2.6.9-34.0.1.EL.x86_64.rpm
c411c259c433dd3fe50222a5a3ebc472  kernel-smp-devel-2.6.9-34.0.1.EL.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key
and details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2973

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3272

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3359

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0555

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0741

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0744

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1522

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1525

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1527

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1528

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1855

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1856

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1862

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1864

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2271

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2272

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2274

http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More
contact details at https://www.redhat.com/security/team/contact/

Copyright 2006 Red Hat, Inc.

Ubuntu Linux


Ubuntu Security Notice USN-285-1 May 23, 2006
awstats vulnerability
CVE-2006-2237


A security issue affects the following Ubuntu releases:

Ubuntu 5.04 (Hoary Hedgehog)
Ubuntu 5.10 (Breezy Badger)

The following packages are affected:

awstats

The problem can be corrected by upgrading the affected package
to version 6.3-1ubuntu0.2 (for Ubuntu 5.04), or 6.4-1ubuntu1.1 (for
Ubuntu 5.10). In general, a standard system upgrade is sufficient
to effect the necessary changes.

Details follow:

AWStats did not properly sanitize the ‘migrate’ CGI parameter.
If the update of the stats via web front-end is allowed, a remote
attacker could execute arbitrary commands on the server with the
privileges of the AWStats server.

This does not affect AWStats installations which only build
static pages.

Updated packages for Ubuntu 5.04:

Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/a/awstats/awstats_6.3-1ubuntu0.2.diff.gz
      Size/MD5: 25306 1f013ca8aaad65d8f3ae148e194b3551
    http://security.ubuntu.com/ubuntu/pool/main/a/awstats/awstats_6.3-1ubuntu0.2.dsc
      Size/MD5: 595 46a103a327e1f1bad3876927c7e66198
    http://security.ubuntu.com/ubuntu/pool/main/a/awstats/awstats_6.3.orig.tar.gz
      Size/MD5: 938794 edb73007530a5800d53b9f1f90c88053

Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/a/awstats/awstats_6.3-1ubuntu0.2_all.deb
      Size/MD5: 726430 728ee50f468a4cf3693a32b98c94b455

Updated packages for Ubuntu 5.10:

Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/a/awstats/awstats_6.4-1ubuntu1.1.diff.gz
      Size/MD5: 18541 e186b842fbd2d4d97b65eacf7c9c1295
    http://security.ubuntu.com/ubuntu/pool/main/a/awstats/awstats_6.4-1ubuntu1.1.dsc
      Size/MD5: 595 c5784c2c1bfa002abbfa77d936bc2da5
    http://security.ubuntu.com/ubuntu/pool/main/a/awstats/awstats_6.4.orig.tar.gz
      Size/MD5: 918435 056e6fb0c7351b17fe5bbbe0aa1297b1

Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/a/awstats/awstats_6.4-1ubuntu1.1_all.deb
      Size/MD5: 728490 60ca39a436e3a21a838560db5d8a5f3b
