[Message Precedent sur la mailing][Message Suivant sur la mailing][Precedent dans le fil][Prochain dans le fil][Index par Date][Index par fil] [SA32509] Ubuntu update for kernel


Do you need accurate and reliable IDS / IPS / AV detection rules?

Get in-depth vulnerability details:
link://[click]





TITLE:
Ubuntu update for kernel



SECUNIA ADVISORY ID:
SA32509



VERIFY ADVISORY:
link://[click]



CRITICAL:
Moderately critical



IMPACT:
DoS, System access



WHERE:
From remote



OPERATING SYSTEM:
Ubuntu Linux 8.10
link://[click]



DESCRIPTION:
Ubuntu has issued an update for the kernel. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service) or to potentially compromise a vulnerable
system.



The vulnerability is caused due to a boundary error in the
ndiswrapper kernel driver when processing wireless network packets.


This can be exploited to cause a buffer overflow via an overly long
ESSID (Extended Service Set Identifier).



Successful exploitation may allow execution of arbitrary code.



SOLUTION:
Apply updated packages.



-- Ubuntu 8.10 --

Source archives:

link://[click]
Size/MD5:2863888 b1052e6aee92d46c4145620b1b8e65ee
link://[click]
Size/MD5: 1513 28e5b4d99b4ff47bdd31a7c7c125c3d0
link://[click]
Size/MD5: 63721466 482b04f680ce6676114ccfaaf8f66a55

Architecture independent packages:

link://[click]
Size/MD5:3469330 aa00f7f555299257767ee8bf5d2bd08f
link://[click]
Size/MD5:5770686 3f4d5517ab70ac57766244843b06bc24
link://[click]
Size/MD5: 51951896 db1f17d562bb0c31e5fd2839dd5538a1

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

link://[click]
Size/MD5:36502 7aaa51517f74f727cd9b247ad3bdf241
link://[click]
Size/MD5: 263916 ffd1d0223f84312694b853ddcc3f6f2a
link://[click]
Size/MD5:53480 736c4c1f8c1b69408dcef471031af2c1
link://[click]
Size/MD5:43114 86d52a39e37574f906424b6bcfb9132e
link://[click]
Size/MD5:52364 9e6193a120fd97f0f22eda94ca65d49b
link://[click]
Size/MD5:89712 75b58dda7c91a14f102dd513a9884b91
link://[click]
Size/MD5:38126 107bd036a86295b765b865b592cae856
link://[click]
Size/MD5: 676982 b162978a3b55d0a7f3682ea28c23e2b2
link://[click]
Size/MD5: 158454 aaf6ae3e6d430f7e06f71b398e2a7433
link://[click]
Size/MD5:46404 52491f24cdfee2795758dd28ab1a8583
link://[click]
Size/MD5: 154016 054373c25e230ae6d2d7de5026c78aa8
link://[click]
Size/MD5: 312610 033df8299f5c265367ea295c83165e3b
link://[click]
Size/MD5:2596386 37ee7ec2a1d488e6f6de8f34176987f4
link://[click]
Size/MD5: 639082 ed8f3a70d90f169d172c6e173e0b6b1b
link://[click]
Size/MD5: 638916 ffae21ca3ebd4400d503913ea9f08a77
link://[click]
Size/MD5: 23022032 fd3e4e8ab005389ec0cc615cea22874d
link://[click]
Size/MD5: 23010520 0b171157949ada26b8ba89d8e67ddc0e
link://[click]
Size/MD5: 10436412 530186b8d1d7dc10e507e6bc452403ab
link://[click]
Size/MD5: 653232 f48b15dbf0ba532ccb97e22a7d3b4627
link://[click]
Size/MD5: 434628 bc318d4de2651e91305548666dead618
link://[click]
Size/MD5: 186306 c3ca7cc803a73d5aca4e0c80464d8274
link://[click]
Size/MD5: 275524 899bdf5de6963962c89b691eb26cd28d
link://[click]
Size/MD5:1743146 5d9c0145c50ab7e0c51fbc0cef950834
link://[click]
Size/MD5: 151282 c02d1b6ef56dc28403beadad2bf88309
link://[click]
Size/MD5: 194184 66a2c1f8320659b94f6b90f119a9c964
link://[click]
Size/MD5: 167964 df927206736f4f2a8a7be1e7f013194f
link://[click]
Size/MD5:36454 e7312f2e6286590c1dbcbe5e7de35eeb
link://[click]
Size/MD5:83384 5d38ea1f3a73bad990ed52f66c7a7a28
link://[click]
Size/MD5:71938 087964f10e908341f287ccea80e27008
link://[click]
Size/MD5:23244 643c72067e2cb27c1ec228fc8d57e217
link://[click]
Size/MD5: 9012 360892e9ef95ab6bd1dc90bb9e08249d
link://[click]
Size/MD5:68450 67e964ac3d95c5f4a1b12e6b271de74a
link://[click]
Size/MD5: 110228 e18c86fcc58d390c4d2ad0e58fcb16a9
link://[click]
Size/MD5:1275798 5242af32c6a8a1e38f31e7d8d8857644
link://[click]
Size/MD5:47570 f8e459e40f399d1f966111122344504b
link://[click]
Size/MD5:13312 03eb83515fc5d90aeb272c540e165c6f
link://[click]
Size/MD5: 391200 b7c4499c38f44e23908ef0fb63bdca45
link://[click]
Size/MD5: 198786 770b109f3971e9718fbeb2cc5f05c35d
link://[click]
Size/MD5:13578 dba0b8949f78e43c90545b7fd092c7b6

i386 architecture (x86 compatible Intel/AMD):

link://[click]
Size/MD5:33934 cfb49d89dd70429f2b730c7a2e8964b8
link://[click]
Size/MD5: 244326 f8aedcc6ff1c95f0bacd870628bd34bd
link://[click]
Size/MD5:55394 ee8205b481dd6112058349957db14aa6
link://[click]
Size/MD5:41252 54cf9023f441a0699b3b380de4058160
link://[click]
Size/MD5:48696 2e10bdbbd0be743e553bfd937ba44d9a
link://[click]
Size/MD5:86902 f5ed38f167db71b3601d1811a8b45a17
link://[click]
Size/MD5:33940 2e90360f4470554283ebd7670cad3a57
link://[click]
Size/MD5: 674272 22f6dcac8dce84d5163d062bdf09460f
link://[click]
Size/MD5: 158080 80298237cf5abe9f179750748d4858f4
link://[click]
Size/MD5:43708 d3135a501ea45cf5e18576c92cee7759
link://[click]
Size/MD5: 144930 abadde5392b98fcdb9d7ce8fa508f746
link://[click]
Size/MD5: 301938 1f69318efc172f2bdab1ca436471ea48
link://[click]
Size/MD5:2427088 0e03f701335f5379361ce51bec448626
link://[click]
Size/MD5: 620778 7228c2aa323fcf657c4d69263ea1821a
link://[click]
Size/MD5: 622006 75832cee4f8b79b1add067a274885c04
link://[click]
Size/MD5: 23398356 d5209ae17503b72ba9024f6ae5ba2a05
link://[click]
Size/MD5: 23535584 4af9bab584739538dcb962c208cdd31d
link://[click]
Size/MD5: 10068962 55196eb464330b1376db54f0a93b9a04
link://[click]
Size/MD5: 653202 18623f809fe95a1fce18d03b727d2f72
link://[click]
Size/MD5: 432650 7102e7cd30bddcc5c64c9949a3b00fc9
link://[click]
Size/MD5: 170996 d1b2396fefe97dd11b56d0ab9b6bc8ef
link://[click]
Size/MD5: 263918 70f6f3a4c7d11b3dc83e0ea3892a3b4c
link://[click]
Size/MD5:1929778 484509b351a85edca959c0308251633e
link://[click]
Size/MD5: 150870 2ffdb3d3586d260c172a4c2a10704d6d
link://[click]
Size/MD5: 183920 b2b6944a79df8f5cfea8e864faff1a73
link://[click]
Size/MD5: 157516 88a61734f85432779c5437a3256aff7c
link://[click]
Size/MD5:34460 4a5bb06da997b163eabe8d2506276067
link://[click]
Size/MD5:78194 e70a5b2735f1565acfd0dccdd42e02f9
link://[click]
Size/MD5:86118 2e8ca4c040d8c6f4a51f2064133b8d61
link://[click]
Size/MD5:51170 c9fa04db1560010ef4c393a5a1e0ef08
link://[click]
Size/MD5: 8792 4e53440551c157be34f48106cfccca38
link://[click]
Size/MD5:64160 79f8e7c6a08ce1882215735cfd1846ee
link://[click]
Size/MD5: 101660 b3b6d533bbd7d88cf9bcad3cdc2dd8c8
link://[click]
Size/MD5:1448942 8b58e86b771357133c686be093ec88e5
link://[click]
Size/MD5:44504 9a83fcd3376f36a861c5d82f894e1041
link://[click]
Size/MD5:12466 26fb29b1db43062d593f44bb69865785
link://[click]
Size/MD5: 370290 db295ecbc011997bb66d83c69006a1c1
link://[click]
Size/MD5: 187670 8ef20029cc61364b9df6c182da1dd8b8
link://[click]
Size/MD5:12974 087166c052778fbe0c10e72cc9b3ffe8

PROVIDED AND/OR DISCOVERED BY:
Ubuntu credits Anders Kaseorg.





ORIGINAL ADVISORY:
link://[click]





About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.



Subscribe:
link://[click]



Definitions: (Criticality, Where etc.)
link://[click]




Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.


Secunia NEVER sends attached files with advisories.


Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

Precedent par Date: [SA32463] Red Hat update for openoffice.org
Suivant par Date: [SA32555] DHCart "order.php" Two Cross-Site Scripting Vulnerabilities
Precedent par fil : [SA32463] Red Hat update for openoffice.org
Suivant par fil : [SA32555] DHCart "order.php" Two Cross-Site Scripting Vulnerabilities
Index(s):
- Date
- Fil

Archives de la liste de diffusion Secunia
Archives de la liste de diffusion Full Disclosure

SecuToolBox :

Bluetooth Stack Smasher v0.6 / Bluetooth Stack Smasher v0.8 / Slides Bluetooth Eurosec 2006 / Exposé vidéo Windows Shellcode - Kostya Kortchinsky / Exposé audio Reverse Engineering - Nicolas Brulez / Exposé vidéo Securitech - Pierre Betouin / Secure WIFI WPA + EAP-TLS + Freeradius / Audit Windows / Captive Password Windows / USBDumper / USBDumper 2 / Hacking Hardware / WishMaster backdoor / DNS Auditing Tool / Ettercap SSL MITM / Exploit vulnérabilités Windows / Memory Dumper Kernel Hardening / Reverse Engineering / Scapy / SecUbuLIVE CD / Metasploit / eEye Blink Sec Center / eEye Retina Scanner + d'outils / + de tutoriels

Mini-Tagwall des articles publiés sur SecuObs :

sécurité, exploit, windows, attaque, outil, microsoft, réseau, audit, metasploit, vulnérabilité, système, virus, internet, usbsploit, données, source, linux, protocol, présentation, scanne, réseaux, scanner, bluetooth, conférence, reverse, shell, meterpreter, vista, rootkit, détection, mobile, security, malicieux, engineering, téléphone, paquet, trames, https, noyau, utilisant, intel, wishmaster, google, sysun, libre + de mots clés avec l'annuaire des articles publiés sur SecuObs

Mini-Tagwall de l'annuaire video :

curit, security, biomet, metasploit, biometric, cking, password, windows, botnet, defcon, tutorial, crypt, xploit, exploit, lockpicking, linux, attack, wireshark, vmware, rootkit, conference, network, shmoocon, backtrack, virus, conficker, elcom, etter, elcomsoft, server, meterpreter, openvpn, ettercap, openbs, iphone, shell, openbsd, iptables, securitytube, deepsec, source, office, systm, openssh, radio + de mots clés avec l'annuaire des videos

Mini-Tagwall des articles de la revue de presse :

security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone, server, inject, patch, apple, twitter, mobile, virus, ebook, facebook, vulnérabilité, crypt, source, linux, password, intel, research, virtual, phish, access, tutorial, trojan, social, privacy, firefox, adobe, overflow, office, cisco, conficker, botnet, pirate, sécurité + de mots clés avec l'annuaire de la revue de presse

Mini-Tagwall des Tweets de la revue Twitter :

security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall, network, twitter, vmware, windows, microsoft, compliance, vulnerability, python, engineering, source, kernel, crypt, social, overflow, nessus, crack, hacker, virus, iphone, patch, virtual, javascript, malware, conficker, pentest, research, email, password, adobe, apache, proxy, backtrack + de mots clés avec l'annuaire de la revue Twitter