VUPEN Security - Trustix Security Update Fixes Multiple Code Execution and Security Bypass Issues / Exploit (Security Advisories)

	Contact \| Site en Français

Vulnerabilities & Threats

VUPEN Security Advisories

Linux Security Advisories

Malware Advisories

Security Research

Threat Watch Blog

Zero-Day Monitor

Search Engine

Mailing List & RSS

>> Trustix Security Update Fixes Multiple Code Execution and Security Bypass Issues

Title : Trustix Security Update Fixes Multiple Code Execution and Security Bypass Issues
VUPEN ID : VUPEN/ADV-2006-4342
CVE ID : CVE-2006-5170 - CVE-2006-5297 - CVE-2006-5298 - CVE-2006-5465 -
Rated as : Critical

Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-11-06

Technical Description

Receive VUPEN Security alerts in a Text format

Receive VUPEN Security alerts in a PDF format

Receive VUPEN Security alerts in an XML format

Receive VUPEN Security notifications by SMS

Trustix has released updated packages to address multiple vulnerabilities identified in mutt, pam_ldap, and php. For additional information, see : VUPEN/ADV-2006-4176 - VUPEN/ADV-2006-4319 - VUPEN/ADV-2006-4317

Affected Products

Trustix Secure Linux 2.2
Trustix Secure Linux 3.0
Trustix Operating System - Enterprise Server 2

Solution

Upgrade the affected packages :

http://http.trustix.org/pub/trustix/updates/

d96dae8b76785537380e77396b81c3c6 3.0/rpms/ldapclients-common-183-1tr.i586.rpm
7e4101d0079ef3d20aec6cd9a0ee47fc 3.0/rpms/mutt-1.4.2.1-10tr.i586.rpm
a1a0ef53c02871c63a0f889d52e56464 3.0/rpms/pam_ldap-183-1tr.i586.rpm
4487f0d0030f498c44cf1d45155438a4 3.0/rpms/php-5.2.0-1tr.i586.rpm
8790cdab5c153ea7090094f087de4f5b 3.0/rpms/php-calendar-5.2.0-1tr.i586.rpm
defc4df433d315c3ac62366a48488521 3.0/rpms/php-cli-5.2.0-1tr.i586.rpm
3e30ef02c25387efee91b8893f42466d 3.0/rpms/php-curl-5.2.0-1tr.i586.rpm
4649d8952fb57ca7302984a2856cc10d 3.0/rpms/php-dba-5.2.0-1tr.i586.rpm
1ddee19991c0ae59d95cbf69b860e51c 3.0/rpms/php-devel-5.2.0-1tr.i586.rpm
a1bbb8c982f584e50a3766e88176ddc9 3.0/rpms/php-exif-5.2.0-1tr.i586.rpm
310b88dfd33504e4cd74540335f74bb8 3.0/rpms/php-fcgi-5.2.0-1tr.i586.rpm
110bbba14cfb114c8fc75187df8425b3 3.0/rpms/php-gd-5.2.0-1tr.i586.rpm
84f8038f7d71b67677a0ecfa48daf2d5 3.0/rpms/php-imap-5.2.0-1tr.i586.rpm
24a8943637f6b3a845ecc2bf6676a503 3.0/rpms/php-ldap-5.2.0-1tr.i586.rpm
7bf59655d5fce309d789d30250323dcc 3.0/rpms/php-mcrypt-5.2.0-1tr.i586.rpm
0a61d575c497bd60d4b06fbd59240969 3.0/rpms/php-mhash-5.2.0-1tr.i586.rpm
a260a6ee8ca1cd8ef7340795a43dd1a3 3.0/rpms/php-mysql-5.2.0-1tr.i586.rpm
d7129d80c1f43a8ff722075e57a727d6 3.0/rpms/php-mysqli-5.2.0-1tr.i586.rpm
1e31b7f9cde26a3c31d1dff592c6f00e 3.0/rpms/php-openssl-5.2.0-1tr.i586.rpm
057c15c14e211fd27eb31d3eea3567c4 3.0/rpms/php-pdo-mysql-5.2.0-1tr.i586.rpm
0b731bab170fdd4529388edf2e4f8950 3.0/rpms/php-pdo-sqlite-5.2.0-1tr.i586.rpm
8fe1b3dfb552d10a1a8e70290a89029c 3.0/rpms/php-pgsql-5.2.0-1tr.i586.rpm
b935f7be44a227c7c31a053e0a2560d2 3.0/rpms/php-pspell-5.2.0-1tr.i586.rpm
22451557386aea07e25d45634d67725c 3.0/rpms/php-snmp-5.2.0-1tr.i586.rpm
b88eef1abfe3800df8bd609441765d99 3.0/rpms/php-sqlite-5.2.0-1tr.i586.rpm
6d885b65f6b9164f9e3abbab355d581a 3.0/rpms/php-xslt-5.2.0-1tr.i586.rpm
4bef2d6673e269ef5564b1d60dabc9ed 3.0/rpms/php-zlib-5.2.0-1tr.i586.rpm
b4b6e1d65b18b7be38343176d987bc1e 2.2/rpms/ldapclients-common-183-1tr.i586.rpm
0cf605ece23c48ac9f96b036ead7c12e 2.2/rpms/mutt-1.4.2.1-6tr.i586.rpm
af0003f6290c968305ed59b96f33d9eb 2.2/rpms/pam_ldap-183-1tr.i586.rpm
9356c0eff6fa982e1e6b1a5557161328 2.2/rpms/php-5.2.0-1tr.i586.rpm
83ec93582363bf78c886ef246b76980e 2.2/rpms/php-cli-5.2.0-1tr.i586.rpm
19e0ba13d52129dc21ba6a645846569f 2.2/rpms/php-curl-5.2.0-1tr.i586.rpm
33bf33f853794d32a21c851ae7de1f98 2.2/rpms/php-devel-5.2.0-1tr.i586.rpm
43628cdb25431cb06a16a65591b2220a 2.2/rpms/php-exif-5.2.0-1tr.i586.rpm
a95a77bdfb6d80c28a18346198929f66 2.2/rpms/php-fcgi-5.2.0-1tr.i586.rpm
567d73bc467bbaff223b7363293a22cd 2.2/rpms/php-gd-5.2.0-1tr.i586.rpm
3d609748d897006c21a2af5554f96eda 2.2/rpms/php-imap-5.2.0-1tr.i586.rpm
d681d5010b77725c08891067d5224deb 2.2/rpms/php-ldap-5.2.0-1tr.i586.rpm
35cfde759d614c0cbfa05947e1be8ce6 2.2/rpms/php-mcrypt-5.2.0-1tr.i586.rpm
2da2d79481488eaec92aeb3a5ba33a80 2.2/rpms/php-mhash-5.2.0-1tr.i586.rpm
72c05352ae6d9cd8d4d443421e1b3f79 2.2/rpms/php-mysql-5.2.0-1tr.i586.rpm
8afbd4b3c4bc021ac99f3adcc860e0e2 2.2/rpms/php-mysqli-5.2.0-1tr.i586.rpm
62bca20622f348b1898d3d7cca541847 2.2/rpms/php-openssl-5.2.0-1tr.i586.rpm
6e18746564365472ceedab08cb692440 2.2/rpms/php-pdo-mysql-5.2.0-1tr.i586.rpm
c0688f00635eebab0e197b374dcac9c7 2.2/rpms/php-pdo-sqlite-5.2.0-1tr.i586.rpm
b91c77a4d9016f74699b214b0a7e8549 2.2/rpms/php-pgsql-5.2.0-1tr.i586.rpm
fee0431b47cb04f2359d29490e327265 2.2/rpms/php-sqlite-5.2.0-1tr.i586.rpm
ec4c19faca69e22029e1884578ff88a2 2.2/rpms/php-zlib-5.2.0-1tr.i586.rpm

References

http://www.vupen.com/english/advisories/2006/4342
http://lists.trustix.org/pipermail/tsl-announce/2006-November/000438.html

ChangeLog

2006-11-06 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.

Vulnerability Alerting

Free 14-Day Trial

Latest News

>> 2009-06-10

VUPEN Security Research
Discovered Critical Flaws
in Adobe Acrobat and MS
Office Word

>> 2009-06-02

VUPEN Security Research
Discovered Critical Flaws
in ACDSee Products

>> 2009-05-22

VUPEN Discovered Two
Critical Vulnerabilities in
Novell GroupWise 8 / 7

>> 2009-05-12

Microsoft Patched 14
Office PowerPoint Flaws

>> 2009-04-28

Adobe Reader / Acrobat
Vulnerabilities Disclosed

More Informations