The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


MDKSA-2005:150 - Updated bluez-utils packages fix vulnerability


<< Previous INDEX Search src Set bookmark Go to bookmark Next >>
From: Mandriva Security Team <security@mandriva.com.>
To: [email protected]
Subject: MDKSA-2005:150 - Updated bluez-utils packages fix vulnerability
Message-Id: <E1E8QTO-0003wb-P2@mercury.mandriva.com.>
Sender: QATeam User <qateam@mercury.mandriva.com.>
Date: Thu, 25 Aug 2005 16:45:26 -0600
X-Virus-Scanned: antivirus-gw at tyumen.ru

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________


 Package name:           bluez-utils
 Advisory ID:            MDKSA-2005:150
 Date:                   August 25th, 2005

 Affected versions:	 10.0, 10.1, 10.2, Corporate 3.0
 ______________________________________________________________________

 Problem Description:

 A vulnerability in bluez-utils was discovered by Henryk Plotz.  Due to
 missing input sanitizing, it was possible for an attacker to execute
 arbitrary commands supplied as a device name from the remote bluetooth
 device.
 
 The updated packages have been patched to correct this problem.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2547
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 a363e2012cbf365604147ea094d48e51  10.0/RPMS/bluez-utils-2.4-4.1.100mdk.i586.rpm
 b9836323e7edaefa139dbf803ed5b11a  10.0/SRPMS/bluez-utils-2.4-4.1.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 0c14d3c62ccbb9c53f88f41129883226  amd64/10.0/RPMS/bluez-utils-2.4-4.1.100mdk.amd64.rpm
 b9836323e7edaefa139dbf803ed5b11a  amd64/10.0/SRPMS/bluez-utils-2.4-4.1.100mdk.src.rpm

 Mandrakelinux 10.1:
 ae95bbad5bb67d20a6d209500c729062  10.1/RPMS/bluez-utils-2.10-3.1.101mdk.i586.rpm
 15c9d82af6f029699f5f17901277b4f5  10.1/RPMS/bluez-utils-cups-2.10-3.1.101mdk.i586.rpm
 e612f6d35745cba68c362003a4c163e4  10.1/SRPMS/bluez-utils-2.10-3.1.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 c63fc9b66c8a6886602fcc34dcc82f0b  x86_64/10.1/RPMS/bluez-utils-2.10-3.1.101mdk.x86_64.rpm
 d27d581f66ed0f4d23ad627f836e86f1  x86_64/10.1/RPMS/bluez-utils-cups-2.10-3.1.101mdk.x86_64.rpm
 e612f6d35745cba68c362003a4c163e4  x86_64/10.1/SRPMS/bluez-utils-2.10-3.1.101mdk.src.rpm

 Mandrakelinux 10.2:
 f909df9003986b72b21a95044298ddba  10.2/RPMS/bluez-utils-2.14-1.1.102mdk.i586.rpm
 c3a06b22a142cb1a5b3f9d07e7acc65f  10.2/RPMS/bluez-utils-cups-2.14-1.1.102mdk.i586.rpm
 c8e48eedc86d6f3dc5e1aa97d4b819fd  10.2/SRPMS/bluez-utils-2.14-1.1.102mdk.src.rpm

 Mandrakelinux 10.2/X86_64:
 1dccad3836e309b8046d677eccc96cc5  x86_64/10.2/RPMS/bluez-utils-2.14-1.1.102mdk.x86_64.rpm
 76ace2f605fccfb1570c3f74d6c1a5ef  x86_64/10.2/RPMS/bluez-utils-cups-2.14-1.1.102mdk.x86_64.rpm
 c8e48eedc86d6f3dc5e1aa97d4b819fd  x86_64/10.2/SRPMS/bluez-utils-2.14-1.1.102mdk.src.rpm

 Corporate 3.0:
 e9db54c7ed37293e88f9a6a296ef5aa2  corporate/3.0/RPMS/bluez-utils-2.4-4.1.C30mdk.i586.rpm
 68ecbc8a999f219d5613b5ddc3aed4df  corporate/3.0/SRPMS/bluez-utils-2.4-4.1.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 6cd0acb52a764d5ed594b616c0947db4  x86_64/corporate/3.0/RPMS/bluez-utils-2.4-4.1.C30mdk.x86_64.rpm
 68ecbc8a999f219d5613b5ddc3aed4df  x86_64/corporate/3.0/SRPMS/bluez-utils-2.4-4.1.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFDDkoGmqjQ0CJFipgRAnlNAKCF87ZavpMhfLYGibRLgs4xgSEheQCg6j8f
OVri7gtCTXz7Kn58ruNfTEI=
=BEvC
-----END PGP SIGNATURE-----


<< Previous INDEX Search src Set bookmark Go to bookmark Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей
Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру