VUPEN Security - Trustix Security Update Fixes Multiple Remote Command Execution Vulnerabilities / Exploit (Security Advisories)

	Contact \| Site en Français

VUPEN VNS v4.0

Features and Options

Free 14-Day Trial

Partner Program

Receive More Information

Latest Intelligence

VUPEN Security Advisories

Virus and Malware Alerts

VUPEN Security Research

Threat Watch Blog

Zero-Day Monitor

Search Engine

Mailing List & RSS

>> Trustix Security Update Fixes Multiple Remote Command Execution Vulnerabilities

Title : Trustix Security Update Fixes Multiple Remote Command Execution Vulnerabilities
VUPEN ID : VUPEN/ADV-2006-2267
CVE ID : CVE-2006-2362 - CVE-2006-2447 - CVE-2006-2753
CWE ID : VUPEN VNS Only

CVSS V2 : VUPEN VNS Only

Rated as : High Risk

Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-06-12

Technical Description

Receive VUPEN Security alerts in a Text format

Receive VUPEN Security alerts in a PDF format

Receive VUPEN Security alerts in an XML format

Trustix has released updated packages to address multiple vulnerabilities identified in binutils, MySQL, and spamassassin. These flaws could be exploited by attackers to bypass security restrictions or execute arbitrary commands. For additional information, see : VUPEN/ADV-2006-1924 - VUPEN/ADV-2006-2105 - VUPEN/ADV-2006-2148

Affected Products

Trustix Secure Linux 2.2
Trustix Secure Linux 3.0
Trustix Operating System - Enterprise Server 2

Solution

Upgrade the affected package :
http://http.trustix.org/pub/trustix/updates/
e5d36360dfbfa074e1480dc1f20f060a 3.0/rpms/binutils-2.15-9tr.i586.rpm
ae7a7ac7b28361e0b4866fbb14b4fe85 3.0/rpms/mysql-4.1.15-3tr.i586.rpm
d1c5361b148fbc225cdc2fe5083477d8 3.0/rpms/mysql-bench-4.1.15-3tr.i586.rpm
376598136637b4b04efe505366a1c515 3.0/rpms/mysql-client-4.1.15-3tr.i586.rpm
834102be2e1ef0941e553b9627aa6806 3.0/rpms/mysql-devel-4.1.15-3tr.i586.rpm
2202c240e186908fae14fae836bfa60b 3.0/rpms/mysql-libs-4.1.15-3tr.i586.rpm
2f1c1541d60670f804252ced853b80f8 3.0/rpms/mysql-shared-4.1.15-3tr.i586.rpm
e09e7ff8bd1fe45e6d1a3f676873a9b0 3.0/rpms/perl-mail-spamassassin-3.0.4-4tr.i586.rpm
af3f9a1d10e36d28ad0ba368007fb1b7 3.0/rpms/spamassassin-3.0.4-4tr.i586.rpm
b894444c51725cc13ac2a2dd0def953f 3.0/rpms/spamassassin-tools-3.0.4-4tr.i586.rpm
4138d728aef7d2bb5c116bc8a08f7ae7 2.2/rpms/binutils-2.14-5tr.i586.rpm
0faa12b1394f4a1269f0da709a82fad7 2.2/rpms/mysql-4.1.15-3tr.i586.rpm
3d9378b316813244009cc1ac58dcd1dd 2.2/rpms/mysql-bench-4.1.15-3tr.i586.rpm
637fd6a197d6d6eedea6c4fb921bfad2 2.2/rpms/mysql-client-4.1.15-3tr.i586.rpm
5ad3e585a25ee8856edb5cb2afcdbd89 2.2/rpms/mysql-devel-4.1.15-3tr.i586.rpm
65bf216cd847eca7164903b2cb65bc3c 2.2/rpms/mysql-libs-4.1.15-3tr.i586.rpm
02ce609f25f24220156e1ccc0dfa6c93 2.2/rpms/mysql-shared-4.1.15-3tr.i586.rpm
c2306f4beb6eaeee01e30b43cfeec9eb 2.2/rpms/perl-mail-spamassassin-3.0.4-4tr.i586.rpm
c77a38e270702bc7f31f2281c11ff649 2.2/rpms/spamassassin-3.0.4-4tr.i586.rpm
ffe6baa13507c9d93b0f1d14c8d98f18 2.2/rpms/spamassassin-tools-3.0.4-4tr.i586.rpm

References

http://www.vupen.com/english/advisories/2006/2267
http://www.frsirt.com/english/reference/13233

ChangeLog

2006-06-12 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts with CVE, CWE, and CVSS when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.

VUPEN Vulnerability
Notification Service

Latest Advisories

>> 2010-03-18

IBM DB2 Content Manager Web Services Single Sign-on Vulnerability

>> 2010-03-18

Transmission "tr_magnetParse()" Magnet Buffer Overflow Vulnerability

>> 2010-03-18

myMP3-Player Playlist Processing Buffer Overflow Vulnerability

>> 2010-03-18

VariCAD Products "DWB" File Processing Buffer Overflow Vulnerability

>> 2010-03-18

SugarCRM Document Name Handling Cross Site Scripting Vulnerability

More Informations