Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2003-58
   http://www.turbolinux.com/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date : 20 Oct 2003
 Last revised           : 20 Oct 2003

 Package : kernel

 Summary : Multiple vulnerabilities in kernel

 More information :
    The kernel package contains the Linux kernel (vmlinuz), the core of your Linux operating system.
    The kernel handles the basic functions of the operating system.
    - /proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links,
      which could allow local users to obtain potentially sensitive information such as
      the length of passwords.
    - A race condition in the way env_start and env_end pointers are initialized in the execve
      system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause
      a denial of service (crash).
    - The STP protocol implementation does not properly verify certain lengths,
      which could allow attackers to cause a denial of service. 

 Impact :
     The vulnerabilities allow an attacker to make the cause of the denial of
     service of the kernel and to gain sensitive information on your system.

 Affected Products :
    - Turbolinux 8 Server
    - Turbolinux 8 Workstation
    - Turbolinux 7 Server
    - Turbolinux 7 Workstation


 Solution :
    Please use turbopkg(zabom) tool to apply the update.
 ---------------------------------------------
 # turbopkg
 or
 # zabom update kernel kernel-BOOT kernel-doc kernel-headers kernel-pcmcia-cs kernel-smp kernel-smp64G kernel-source
 ---------------------------------------------


 <Turbolinux 8 Server>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/kernel-2.4.18-14.src.rpm
     41830023 9765a2ec6220266e8b2700b93459670b

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-2.4.18-14.i586.rpm
     14058234 82db3c20c79b9f0ef84eba74f4ec7b77
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-BOOT-2.4.18-14.i586.rpm
      7089082 08b378fdfe39bea52f3a6d1adeaa6064
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-doc-2.4.18-14.i586.rpm
      1456572 6777d197a1914eada0d4896da311a343
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-headers-2.4.18-14.i586.rpm
      1815315 89ecfca39f5887e447acd37a017e3396
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-pcmcia-cs-2.4.18-14.i586.rpm
       328971 a72ece851b562ae62d123416c0ff676e
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-smp-2.4.18-14.i586.rpm
     14541620 38b18536f9f3bf8d16aa67f97a8a88c7
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-smp64G-2.4.18-14.i586.rpm
     14529456 297bff4f2d3bd19d5c9e2f2e1045d302
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-source-2.4.18-14.i586.rpm
     26614965 cea03467b12fe632b16a9cd4dc8f24ad

 <Turbolinux 8 Workstation>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/SRPMS/kernel-2.4.18-14.src.rpm
     41830023 9765a2ec6220266e8b2700b93459670b

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-2.4.18-14.i586.rpm
     14058234 82db3c20c79b9f0ef84eba74f4ec7b77
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-BOOT-2.4.18-14.i586.rpm
      7089082 08b378fdfe39bea52f3a6d1adeaa6064
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-doc-2.4.18-14.i586.rpm
      1456572 6777d197a1914eada0d4896da311a343
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-headers-2.4.18-14.i586.rpm
      1815315 89ecfca39f5887e447acd37a017e3396
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-pcmcia-cs-2.4.18-14.i586.rpm
       328971 a72ece851b562ae62d123416c0ff676e
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-smp-2.4.18-14.i586.rpm
     14541620 38b18536f9f3bf8d16aa67f97a8a88c7
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-smp64G-2.4.18-14.i586.rpm
     14529456 297bff4f2d3bd19d5c9e2f2e1045d302
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-source-2.4.18-14.i586.rpm
     26614965 cea03467b12fe632b16a9cd4dc8f24ad

 <Turbolinux 7 Server>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/SRPMS/kernel-2.4.18-14.src.rpm
     41830023 9765a2ec6220266e8b2700b93459670b

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-2.4.18-14.i586.rpm
     14058234 82db3c20c79b9f0ef84eba74f4ec7b77
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-BOOT-2.4.18-14.i586.rpm
      7089082 08b378fdfe39bea52f3a6d1adeaa6064
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-doc-2.4.18-14.i586.rpm
      1456572 6777d197a1914eada0d4896da311a343
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-headers-2.4.18-14.i586.rpm
      1815315 89ecfca39f5887e447acd37a017e3396
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-pcmcia-cs-2.4.18-14.i586.rpm
       328971 a72ece851b562ae62d123416c0ff676e
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-smp-2.4.18-14.i586.rpm
     14541620 38b18536f9f3bf8d16aa67f97a8a88c7
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-smp64G-2.4.18-14.i586.rpm
     14529456 297bff4f2d3bd19d5c9e2f2e1045d302
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-source-2.4.18-14.i586.rpm
     26614965 cea03467b12fe632b16a9cd4dc8f24ad

 <Turbolinux 7 Workstation>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/SRPMS/kernel-2.4.18-14.src.rpm
     41830023 9765a2ec6220266e8b2700b93459670b

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-2.4.18-14.i586.rpm
     14058234 82db3c20c79b9f0ef84eba74f4ec7b77
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-BOOT-2.4.18-14.i586.rpm
      7089082 08b378fdfe39bea52f3a6d1adeaa6064
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-doc-2.4.18-14.i586.rpm
      1456572 6777d197a1914eada0d4896da311a343
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-headers-2.4.18-14.i586.rpm
      1815315 89ecfca39f5887e447acd37a017e3396
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-pcmcia-cs-2.4.18-14.i586.rpm
       328971 a72ece851b562ae62d123416c0ff676e
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-smp-2.4.18-14.i586.rpm
     14541620 38b18536f9f3bf8d16aa67f97a8a88c7
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-smp64G-2.4.18-14.i586.rpm
     14529456 297bff4f2d3bd19d5c9e2f2e1045d302
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-source-2.4.18-14.i586.rpm
     26614965 cea03467b12fe632b16a9cd4dc8f24ad


 Notice : You have to reboot your system after this update is finished.

 Enhancement :
    updated acpi-thermal-40,i2c-2.8.0 drivers
    added qla2xxx drivers

 References :

 CVE
   [CAN-2003-0461]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0461
   [CAN-2003-0462]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0462
   [CAN-2003-0551]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0551

 Turbolinux Security Advisory
   [TLSA-2003-41]
   http://www.turbolinux.com/security/TLSA-2003-41.txt

 --------------------------------------------------------------------------
 Revision History
    20 Oct 2003 Initial release
 --------------------------------------------------------------------------

 Copyright(C) 2003 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQE/k3TtK0LzjOqIJMwRAvd/AJ9sMBRj0MJR8LRENfhv2ngOtphYmQCggh1t
8hOvutRbgQeXfWSqpkgH/AQ=
=Soog
-----END PGP SIGNATURE-----




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.