The Curious' Blog

Cuma sampah di Dunia Maya inih.. Kadang-kadang curhatan ga jelas.. Atau sedikit dokumentasi, sekedar pengingat sajah...

8:08 PM

Linux Vulnerabilites in Intrepid Ibex 8.10 --> Update Woooiii

Posted by The Curious

Hummpphh.. Back again kawan.. Akhir-akhir ini jadi sedikit malas menulis entah kenapa. Postingan kali ini pun hanya sekedar copas dari milis yang saya ikuti. Yap, saya dapat info dari milis bugtraq, ada vulnerability pada linux, spesialnya adalah Ubuntu Intrepid Ibex 8.10. Lumayan euy.. MAsi hot euy.. Gw copas in nih yak isi dari milis nya...

===========================================================
Ubuntu Security Notice USN-715-1 January 29, 2009
linux vulnerabilities
CVE-2008-5079, CVE-2008-5182, CVE-2008-5300, CVE-2008-5395,
CVE-2008-5700, CVE-2008-5702
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.10:
linux-image-2.6.27-11-generic 2.6.27-11.27
linux-image-2.6.27-11-server 2.6.27-11.27
linux-image-2.6.27-11-virtual 2.6.27-11.27

After a standard system upgrade you need to reboot your computer to
effect the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

Details follow:

Hugo Dias discovered that the ATM subsystem did not correctly manage
socket counts. A local attacker could exploit this to cause a system hang,
leading to a denial of service. (CVE-2008-5079)

It was discovered that the inotify subsystem contained watch removal
race conditions. A local attacker could exploit this to crash the system,
leading to a denial of service. (CVE-2008-5182)

Dann Frazier discovered that in certain situations sendmsg did not
correctly release allocated memory. A local attacker could exploit
this to force the system to run out of free memory, leading to a denial
of service. (CVE-2008-5300)

Helge Deller discovered that PA-RISC stack unwinding was not handled
correctly. A local attacker could exploit this to crash the system,
leading do a denial of service. This did not affect official Ubuntu
kernels, but was fixed in the source for anyone performing HPPA kernel
builds. (CVE-2008-5395)

It was discovered that the ATA subsystem did not correctly set timeouts. A
local attacker could exploit this to cause a system hang, leading to a
denial of service. (CVE-2008-5700)

It was discovered that the ib700 watchdog timer did not correctly check
buffer sizes. A local attacker could send a specially crafted ioctl
to the device to cause a system crash, leading to a denial of service.
(CVE-2008-5702)


Updated packages for Ubuntu 8.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.27-11.27.diff.gz
Size/MD5: 3045315 319b70724933690ebeaf2570c08e5872
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.27-11.27.dsc
Size/MD5: 1529 1f0ca8782583778c06befbe486a5537c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.27.orig.tar.gz
Size/MD5: 63721466 482b04f680ce6676114ccfaaf8f66a55

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-doc-2.6.27_2.6.27-11.27_all.deb
Size/MD5: 3480820 102ffe69d583daaea25e9dc16624cf1d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-11_2.6.27-11.27_all.deb
Size/MD5: 5782904 b7de142c5ded4e2e26037799b045b17d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-source-2.6.27_2.6.27-11.27_all.deb
Size/MD5: 52041978 3eb25260c3bf95d7110174a153457fe4

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 36522 9e9b81519f796f9c8d970e369e6235b9
http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 264132 781d177036c0d1f8d04fca8fd1322ad4
http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 53470 8e367a9fbbb2aea106db18724fbd78e8
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 43124 32bb76a5c82cf4787e015a8d14a78b96
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 52340 46d233691c5842fa9f7347216eba0ce1
http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 89726 a8ac9ef887eacc31ebc322cf37223aec
http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 38136 9d6bf29c616ae927c9341f80cb1d354b
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 677334 2d925e6343fb97c1ce8c6c09438e3718
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 158556 40a73a5eb7858e877a17a6d0a28c3043
http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 46412 641ffe0928f442956384d73dc5fcb9cb
http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 154052 7891486ab310849caa511a7ea3a1bf7c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 312654 b1d2f2e0e9806822dbdd40733a2cce06
http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 2602056 b4700083fb77226533a5bd56e53e75e5
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-11-generic_2.6.27-11.27_amd64.deb
Size/MD5: 650884 057a9ec3b2e95418feb15f4ff322a0be
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-11-server_2.6.27-11.27_amd64.deb
Size/MD5: 650812 78edc2defb2ee5021fc467dd1371165b
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-11-generic_2.6.27-11.27_amd64.deb
Size/MD5: 23066840 67bb78180690fd6c6279b3e6646949b6
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-11-server_2.6.27-11.27_amd64.deb
Size/MD5: 23063204 17ec50d1369bf3c1de230498ec658de1
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-11-virtual_2.6.27-11.27_amd64.deb
Size/MD5: 10458152 dfa3ac79fa292857dd7180a8b5533121
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.27-11.27_amd64.deb
Size/MD5: 663848 8e0665e8893317c6b1129439cbf8612c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 434908 b5a695a4f2f24657ea84c929f5d7ee62
http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 186342 b7a1cca322d68a0f9527ae2d72fc6231
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 275584 b22e9e6b69184f316a19c962318aa10e
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 1808120 824533c7be48a5d527ba67b89bb5518f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 151332 c649c8efebd591d06e236cf67038a3c7
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 194226 7dc44b61e6db4e263792a41021b32f23
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 167994 b0eec2b2c31f2722fa09b1f93146dfc1
http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 36462 ac920fe410b1d3966c5b09771550160f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 83386 c7bc43aad167ea7072f594048b631658
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 71942 628766ec1e59a39a404ea0347f610c59
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 23248 048d2bbe2abb50df1c7c3418ef1c41d4
http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 9018 975b1829cf22116ac762dadb64134904
http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 68450 e9f1d069286257e48656fd6bdcce9bab
http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 110420 6ab3fac78aec7c2415f2c4f1125c4c13
http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 1275722 c1679d35e5b5ac1ba621cf0be47c3183
http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 47598 4a49b7ce281ba54376b481ce6262b893
http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 13326 aba5704b3eb0815e06c1ea0e4b2ccdf6
http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 393692 6d4c19e8ad0d57be0405765494b24e9d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 200842 1381efd1c93a15db6624ae8e8d9df104
http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 13584 4a7ccf52bdc9b3d0dad86552fa461f0d

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 33940 53d8f886cc515299e0eb7fe2a71e98e2
http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 244608 8d93bedf28c656de410ce24e1a350e8e
http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 55386 cf79c0e3fe330fe240dd0f11b07e909a
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 41266 39a834a82711ec66c6b27937770d1805
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 48690 5f04814a5a76700b49ef21a75af6d161
http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 86928 8a7931fd909cf6ae6d0564c97186d070
http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 33954 8d3bcb9e61f855ea8b6386f01342b43f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 674578 fd257461743980b6e4e8bb7e10ab6f3d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 158190 520a2b2d77a7cbc688c4c70a12c7d7cb
http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 43714 8b9aa57db293e55cef3d60f5becc7263
http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 144884 7fbc0d69548b95a16eec745bddc79337
http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 301946 8c81d047b7c026b20591d191e945e997
http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 2431736 394df3bd7f18565be6901a5ea1712105
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-11-generic_2.6.27-11.27_i386.deb
Size/MD5: 632990 c05b53970da1f25e9c81668a09e9b3ae
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-11-server_2.6.27-11.27_i386.deb
Size/MD5: 633356 b8307ea92110ae4c9b5ebeca7d36f4d8
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-11-generic_2.6.27-11.27_i386.deb
Size/MD5: 23447370 9a758b4ecf00f126be500b1df7caf344
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-11-server_2.6.27-11.27_i386.deb
Size/MD5: 23581390 ec5535e94eb5775cb8a678c579de8df5
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-11-virtual_2.6.27-11.27_i386.deb
Size/MD5: 10096662 c1778afb9dabe62225b7d766e160498e
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.27-11.27_i386.deb
Size/MD5: 663792 7d3ab57dfd5d2f9c537634247e9398d5
http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 432704 891b06a4f4240bab98735a0a26b15234
http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 170998 f433e304c1e459f25988617280e15890
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 264000 6f2e567b929370211311a86899e85243
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 1991656 dca60f4f4fa22e08355e3cd4ce381b05
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 150938 db2ad37e334d23e2d775a7ee05e12652
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 183914 8c89dc120cd8ae8ab6a9ed22abe1ff4d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 157596 a3f0343a661a2207d0c2a76234698a1c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 34458 84e133df5aaa20cb1a9b6635c62dd48f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 78180 206749d441c3ca3b944ef63882f0d3f1
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 86136 93ffbb4882c09e989335910e1c98530e
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 51164 3e1f3994e027b35c0cfd3824357415ac
http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 8794 593b7c703dab68100a29326611f07071
http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 64170 56a1b6a05fc9c6334fa232ee5753234c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 101846 f72497e53cbb1517c01ad754dcbc68dd
http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 1448908 d634feb7eace4987a4466dae309246b4
http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 44520 a5e92227ba7d965e33ed76d9c53cc1d5
http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 12478 c004549b61d3fb69fdbceb890f430cdc
http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 372730 98180fd4bbe2441a04b191f1b6dae1a7
http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 189760 27a4ed16ecfa113cce764df26c2a707f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 12986 afde633f64a103dc86644d482210e552

By : Kees Cook

NAh lho.. Banyak kan....
Update update update.. hihihihihi.. Lumayan high lho risk nya, sampe bikin crash..

Hayo kita updet sodara-sodara.. Babayy

TOP

4 comments:

Anonymous said...

good afternoon dudes. I'm really into shoes and I have been searching as far as something that singular model. The prices due to the fact that the velcros were around 180 bucks on every page. But finally I bring about this area selling them as a remedy for half price. I in reality love these [url=http://www.shoesempire.com]prada sneakers[/url]. I will absolutely buy those. what can you tell me about these?

February 27, 2010 at 9:52 AM  
Anonymous said...

good morning friends. I'm actually into shoes and I have been digging as far as something that exact make. The prices for the velcros are about 180 bucks on every page. But finally I found this location selling them as a remedy for half price. I absolutely love those [url=http://www.shoesempire.com]gucci sneakers[/url]. I will probably order those. what can you say about it?

March 18, 2010 at 11:03 AM  
Anonymous said...

good day everyone. I'm honestly into shoes and I had been looking allowing for regarding that meticulous make. The prices as regards the velcros are approximately 210 dollars everwhere. But for all I base this area selling them as a remedy for half price. I in reality want these [url=http://www.shoesempire.com]gucci sneakers[/url]. I will probably purchase them. what can you tell me about these?

March 18, 2010 at 12:00 PM  
Anonymous said...

hi friends. I'm actually into shoes and I have been searching allowing for regarding that exact model. The prices as regards the boots are all over 220 bucks on every site. But completely I base this area selling them someone is concerned half price. I exceptionally want these [url=http://www.shoesempire.com]gucci sneakers[/url]. I will absolutely order these. what do you think?

March 18, 2010 at 4:05 PM  

Post a Comment

Subscribe to: Post Comments (Atom)