LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: December 19th, 2014
Linux Advisory Watch: December 12th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandriva: 2010:138: iputils Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake Ovidiu Mara reported a vulnerability in ping.c (iputils) that could cause ping to hang when responding to a malicious echo reply (CVE-2010-2529). The updated packages have been patched to correct these issues. [More...]
 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2010:138
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : iputils
 Date    : July 23, 2010
 Affected: 2008.0, 2009.0, 2009.1, 2010.0, 2010.1, Corporate 4.0,
           Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 Ovidiu Mara reported a vulnerability in ping.c (iputils) that
 could cause ping to hang when responding to a malicious echo reply
 (CVE-2010-2529). The updated packages have been patched to correct
 these issues.
 
 Packages for 2008.0 and 2009.0 are provided as of the Extended
 Maintenance Program. Please visit this link to learn more:
 http://store.mandriva.com/product_info.php?cPath=149&products_id=490
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2529
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2008.0:
 5acca01875a36f6484888a66b680d993  2008.0/i586/iputils-20070202-3.1mdv2008.0.i586.rpm 
 258c239db541f20ec4ada7c92ba6634e  2008.0/SRPMS/iputils-20070202-3.1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 34d36f03187fa74eeb33f014522cd5cb  2008.0/x86_64/iputils-20070202-3.1mdv2008.0.x86_64.rpm 
 258c239db541f20ec4ada7c92ba6634e  2008.0/SRPMS/iputils-20070202-3.1mdv2008.0.src.rpm

 Mandriva Linux 2009.0:
 23e1a84143109e7baf01f01892aaf493  2009.0/i586/iputils-20071127-5.1mdv2009.0.i586.rpm 
 30b8d81f25ff5e437eb32bd53b085aea  2009.0/SRPMS/iputils-20071127-5.1mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 e4310cb44ea0ceb8d193e5670e9d6a0e  2009.0/x86_64/iputils-20071127-5.1mdv2009.0.x86_64.rpm 
 30b8d81f25ff5e437eb32bd53b085aea  2009.0/SRPMS/iputils-20071127-5.1mdv2009.0.src.rpm

 Mandriva Linux 2009.1:
 c7198a6d1a90d7893ccc2f0c85197399  2009.1/i586/iputils-20071127-6.1mdv2009.1.i586.rpm 
 b02409b08b7a7dbe0f39a2a829ee3253  2009.1/SRPMS/iputils-20071127-6.1mdv2009.1.src.rpm

 Mandriva Linux 2009.1/X86_64:
 9a6b9f5342cddf15f19b990df23994a2  2009.1/x86_64/iputils-20071127-6.1mdv2009.1.x86_64.rpm 
 b02409b08b7a7dbe0f39a2a829ee3253  2009.1/SRPMS/iputils-20071127-6.1mdv2009.1.src.rpm

 Mandriva Linux 2010.0:
 90cac37440f55fa0405d600fe913e8c1  2010.0/i586/iputils-20071127-7.1mdv2010.0.i586.rpm 
 4fd957193edc2ff530eb2e61e1d4ce41  2010.0/SRPMS/iputils-20071127-7.1mdv2010.0.src.rpm

 Mandriva Linux 2010.0/X86_64:
 0f7f6153e6b9f75e8a5373df600c5974  2010.0/x86_64/iputils-20071127-7.1mdv2010.0.x86_64.rpm 
 4fd957193edc2ff530eb2e61e1d4ce41  2010.0/SRPMS/iputils-20071127-7.1mdv2010.0.src.rpm

 Mandriva Linux 2010.1:
 b8a2a7745829a10daac548c0b36a73c5  2010.1/i586/iputils-20100214-1.1mdv2010.1.i586.rpm 
 bdb5b752afef449ddb5bf547f7322d89  2010.1/SRPMS/iputils-20100214-1.1mdv2010.1.src.rpm

 Mandriva Linux 2010.1/X86_64:
 6dc1f9300f9832abe9a0833af3a13b9e  2010.1/x86_64/iputils-20100214-1.1mdv2010.1.x86_64.rpm 
 bdb5b752afef449ddb5bf547f7322d89  2010.1/SRPMS/iputils-20100214-1.1mdv2010.1.src.rpm

 Corporate 4.0:
 53466e5c4a085eb22b56432c9bd09b6e  corporate/4.0/i586/iputils-20020927-5.1.20060mlcs4.i586.rpm 
 a9c7e20957398e697e3bd6f7c95bb24a  corporate/4.0/SRPMS/iputils-20020927-5.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 4beb4d4a2dc877489758bcada5a7a2f4  corporate/4.0/x86_64/iputils-20020927-5.1.20060mlcs4.x86_64.rpm 
 a9c7e20957398e697e3bd6f7c95bb24a  corporate/4.0/SRPMS/iputils-20020927-5.1.20060mlcs4.src.rpm

 Mandriva Enterprise Server 5:
 2665b70643c059904464ab2373098be3  mes5/i586/iputils-20071127-5.1mdvmes5.1.i586.rpm 
 bb44edcc06715dc1f8a758e89420b33a  mes5/SRPMS/iputils-20071127-5.1mdvmes5.1.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 297cd33b776d1cd0cb4a49684007a2e9  mes5/x86_64/iputils-20071127-5.1mdvmes5.1.x86_64.rpm 
 bb44edcc06715dc1f8a758e89420b33a  mes5/SRPMS/iputils-20071127-5.1mdvmes5.1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Report: U.S. planning “proportional response” to Sony hack, blamed on North Korea
Heartbleed, Shellshock, Tor and more: The 13 biggest security stories of 2014
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.