LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: July 28th, 2014
Linux Advisory Watch: July 25th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandriva: Subject: [Security Announce] [ MDVSA-2008:207 ] openafs Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake A race condition in OpenAFS 1.3.40 through 1.4.5 allowed remote attackers to cause a denial of service (daemon crash) by simultaneously acquiring and giving back file callbacks (CVE-2007-6559). The updated packages have been patched to prevent this issue.
 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2008:207
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : openafs
 Date    : September 29, 2008
 Affected: 2007.1, 2008.0
 _______________________________________________________________________

 Problem Description:

 A race condition in OpenAFS 1.3.40 through 1.4.5 allowed remote
 attackers to cause a denial of service (daemon crash) by simultaneously
 acquiring and giving back file callbacks (CVE-2007-6559).
 
 The updated packages have been patched to prevent this issue.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6559
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2007.1:
 5cfed2da74437280e139bd9a37b99a27  2007.1/i586/dkms-libafs-1.4.2-3.1mdv2007.1.i586.rpm
 ce10b8248835c3c2f204d3316bde628d  2007.1/i586/libopenafs1-1.4.2-3.1mdv2007.1.i586.rpm
 a2c32eaa669fa364bf57988bf37e2a0e  2007.1/i586/libopenafs1-devel-1.4.2-3.1mdv2007.1.i586.rpm
 d0f2303b30ab06ec269f2aa47344adb7  2007.1/i586/openafs-1.4.2-3.1mdv2007.1.i586.rpm
 2db7adc9de4e14fc46242443d187c3c5  2007.1/i586/openafs-client-1.4.2-3.1mdv2007.1.i586.rpm
 2c309a5d6e3dfb4b80a75020403738ec  2007.1/i586/openafs-doc-1.4.2-3.1mdv2007.1.i586.rpm
 8ecb2c606b6d14652faf0d622bdb7d47  2007.1/i586/openafs-server-1.4.2-3.1mdv2007.1.i586.rpm 
 347d09eeb8161a41cde69cdeb0cd806e  2007.1/SRPMS/openafs-1.4.2-3.1mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 bdb3839cfe0fc276aa7555eba6be98fb  2007.1/x86_64/dkms-libafs-1.4.2-3.1mdv2007.1.x86_64.rpm
 df407d1f16cc88952d1ca98aa40a272d  2007.1/x86_64/lib64openafs1-1.4.2-3.1mdv2007.1.x86_64.rpm
 0295c0f5e7abca166dc6cdf264eb4f89  2007.1/x86_64/lib64openafs1-devel-1.4.2-3.1mdv2007.1.x86_64.rpm
 9a6da83f844d159f33a60eb77365d737  2007.1/x86_64/openafs-1.4.2-3.1mdv2007.1.x86_64.rpm
 02c3be035c0fd82ee110cc22b5d8556f  2007.1/x86_64/openafs-client-1.4.2-3.1mdv2007.1.x86_64.rpm
 f50541fbf4049a44bb3d18ec5e86f2c7  2007.1/x86_64/openafs-doc-1.4.2-3.1mdv2007.1.x86_64.rpm
 fa5907f7c52987a3bae025ddfbb056a9  2007.1/x86_64/openafs-server-1.4.2-3.1mdv2007.1.x86_64.rpm 
 347d09eeb8161a41cde69cdeb0cd806e  2007.1/SRPMS/openafs-1.4.2-3.1mdv2007.1.src.rpm

 Mandriva Linux 2008.0:
 95e60cbbac6d339b98ce84f70b6b3b32  2008.0/i586/dkms-libafs-1.4.4-8.2mdv2008.0.i586.rpm
 ed989de74390d86ae0e372c1bfbef739  2008.0/i586/libopenafs1-1.4.4-8.2mdv2008.0.i586.rpm
 b6f4d164c16d1665cf89b40221177d4b  2008.0/i586/libopenafs1-devel-1.4.4-8.2mdv2008.0.i586.rpm
 b7b01d26a73d53dafba59ecdba0f589e  2008.0/i586/openafs-1.4.4-8.2mdv2008.0.i586.rpm
 67e23acb150545d2725cde43312e5c10  2008.0/i586/openafs-client-1.4.4-8.2mdv2008.0.i586.rpm
 40603c470a595475d0a4e26343ac1a50  2008.0/i586/openafs-doc-1.4.4-8.2mdv2008.0.i586.rpm
 c1512c6915d515588973ae8f4634f8f7  2008.0/i586/openafs-server-1.4.4-8.2mdv2008.0.i586.rpm 
 9844d673b334a84137fcf26d6f052190  2008.0/SRPMS/openafs-1.4.4-8.2mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 14f0314e4178ed4b328328051d666810  2008.0/x86_64/dkms-libafs-1.4.4-8.2mdv2008.0.x86_64.rpm
 bd81cfc546181523331124824d37214d  2008.0/x86_64/lib64openafs1-1.4.4-8.2mdv2008.0.x86_64.rpm
 95a655890d0302c239d6f171adce4044  2008.0/x86_64/lib64openafs1-devel-1.4.4-8.2mdv2008.0.x86_64.rpm
 ed9312e42b2534ed062e03f4b90a75d6  2008.0/x86_64/openafs-1.4.4-8.2mdv2008.0.x86_64.rpm
 dbb0957bc6dde30f4f32ae3b47182a2d  2008.0/x86_64/openafs-client-1.4.4-8.2mdv2008.0.x86_64.rpm
 7aeb5a0b3cfa42dc299c36847d385a87  2008.0/x86_64/openafs-doc-1.4.4-8.2mdv2008.0.x86_64.rpm
 e978a2ac93085f038cfce9c2392700b8  2008.0/x86_64/openafs-server-1.4.4-8.2mdv2008.0.x86_64.rpm 
 9844d673b334a84137fcf26d6f052190  2008.0/SRPMS/openafs-1.4.4-8.2mdv2008.0.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Ottawa Linux Symposium: May get by with a little help from its friends
Black Hat 2014: How to crack just about everything
NSA Playset, 911 hacked and war cats: A wild ride at DEF CON 22
More Details of Onion/Critroni Crypto Ransomware Emerge
Is there Another NSA Leaker? Updated
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.