Technical Description

A vulnerability has been identified in Fedora, which could be exploited by attackers to cause a denial of service or execute arbitrary code. This issue is caused by an error in Mono. For additional information, see : VUPEN/ADV-2007-3716

Affected Products

Fedora Core 6

Solution

Upgrade the affected packages :

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

d91c1e366bf20f6856dce71016c835b512cb645e SRPMS/mono-1.1.17.1-5.fc6.src.rpm
d91c1e366bf20f6856dce71016c835b512cb645e noarch/mono-1.1.17.1-5.fc6.src.rpm
eec0aaf30834e6f66d77b5425d8db7658dd08ae7 ppc/mono-core-1.1.17.1-5.fc6.ppc.rpm
496ac0045c0eb7bcca00df9835f4a7a294883894 ppc/ibm-data-db2-1.1.17.1-5.fc6.ppc.rpm
0d5121f04b34e6e757ae84cdf7af656e9706f6ff ppc/mono-web-1.1.17.1-5.fc6.ppc.rpm
db722e32dc7bf97cc93cec8927338eeb4e5373ab ppc/mono-data-firebird-1.1.17.1-5.fc6.ppc.rpm
0a9677f9a7b6b2a06d465ae33494bea2d95be5ca ppc/mono-data-sqlite-1.1.17.1-5.fc6.ppc.rpm
244d43c6316b6737db888bb891140713c0873762 ppc/mono-nunit-devel-1.1.17.1-5.fc6.ppc.rpm
d25f908fd94faceec284de7f961526b07414cb23 ppc/mono-data-postgresql-1.1.17.1-5.fc6.ppc.rpm
6c43dfce650e9504c0f648e4d3d275d3bf754889 ppc/mono-winforms-1.1.17.1-5.fc6.ppc.rpm
60898df04755c9eeb1eb23a0d802318055fa5f6d ppc/mono-data-1.1.17.1-5.fc6.ppc.rpm
6dd00391a1509318e7de8a2128c4cf0707fefabe ppc/mono-nunit-1.1.17.1-5.fc6.ppc.rpm
ca487fbe6fd1fb29a6b9f81e8753831cebafee81 ppc/bytefx-data-mysql-1.1.17.1-5.fc6.ppc.rpm
1e6ece4901d36a05aad2546245a8c6335903a025 ppc/mono-locale-extras-1.1.17.1-5.fc6.ppc.rpm
991f610466129c218e5e868eccdc9c848344092e ppc/mono-data-sybase-1.1.17.1-5.fc6.ppc.rpm
915a91ceba1c0dc1b355707b2d152d196e3eeb14 ppc/debug/mono-debuginfo-1.1.17.1-5.fc6.ppc.rpm
1b53d35cd4aff8e12d94977e4975f6919b8aa2e5 ppc/mono-extras-1.1.17.1-5.fc6.ppc.rpm
0a2409a48bca038e9e2f92c56bd66924929a39ff ppc/mono-devel-1.1.17.1-5.fc6.ppc.rpm
cb72f2b149cbfc41777ad256334cd1ee9841b534 ppc/mono-jscript-1.1.17.1-5.fc6.ppc.rpm
45726a5bcaa5b964aa7ddb468243af1dff4699d8 ppc/mono-data-oracle-1.1.17.1-5.fc6.ppc.rpm
09e9fc8a57ae10a745f093c1426d60a33cc1f7f5 x86_64/mono-jscript-1.1.17.1-5.fc6.x86_64.rpm
d99991191147ac9d2a3f97e82570b023bae469cb x86_64/mono-winforms-1.1.17.1-5.fc6.x86_64.rpm
314876004f2db8efe572a51977dd40e755cc5a69 x86_64/mono-nunit-devel-1.1.17.1-5.fc6.x86_64.rpm
49637a4c6da5de145f91e43b72b0bf5261807a5e x86_64/mono-data-1.1.17.1-5.fc6.x86_64.rpm
33cb232325c8879051f05ed048f0857e319965f6 x86_64/mono-data-sqlite-1.1.17.1-5.fc6.x86_64.rpm
7538b2d01fedc9fb04487f46a5d7302d94fe1a42 x86_64/mono-devel-1.1.17.1-5.fc6.x86_64.rpm
4671973cfd94b3efe2f018801736917a8f77b021 x86_64/mono-locale-extras-1.1.17.1-5.fc6.x86_64.rpm
75978039ea5b47f049a5210feeb6d6bc1e2403a3 x86_64/mono-nunit-1.1.17.1-5.fc6.x86_64.rpm
36957bf18a980b46662ffba7283b492061c807cb x86_64/mono-core-1.1.17.1-5.fc6.x86_64.rpm
23ddd3ba78470423382ae6a130d146fccc0d0e13 x86_64/ibm-data-db2-1.1.17.1-5.fc6.x86_64.rpm
1fd409d50f6156e14b91a625ffa6feb2e4b0d173 x86_64/bytefx-data-mysql-1.1.17.1-5.fc6.x86_64.rpm
b38baec32856d020843a3e069fa73d387768e7d3 x86_64/debug/mono-debuginfo-1.1.17.1-5.fc6.x86_64.rpm
1fd7b835f0f41eaac31e9e7fadcff6f66121b425 x86_64/mono-extras-1.1.17.1-5.fc6.x86_64.rpm
3d3032b5a208e7f24ddc0a28610854fde5abbfca x86_64/mono-data-firebird-1.1.17.1-5.fc6.x86_64.rpm
0378f92ea4999ccc4b21b359be7d2e4e32b9d159 x86_64/mono-data-oracle-1.1.17.1-5.fc6.x86_64.rpm
e112f66116b23240d17df728e1a15c82faf96388 x86_64/mono-data-sybase-1.1.17.1-5.fc6.x86_64.rpm
9fb24bdc76a30fce0995b6dcac453cafd86317fc x86_64/mono-web-1.1.17.1-5.fc6.x86_64.rpm
856f74da03da8b738eeec83043fd52ba7df5d1bd x86_64/mono-data-postgresql-1.1.17.1-5.fc6.x86_64.rpm
844379c3060bb334ea5a0ee3a2efedb17b4ac667 i386/mono-data-1.1.17.1-5.fc6.i386.rpm
2393cb3b76ad594413f11610c89f2b4225bf3f5e i386/mono-data-sqlite-1.1.17.1-5.fc6.i386.rpm
e338d63beff346f1300a4305f378eb3c6ac88624 i386/ibm-data-db2-1.1.17.1-5.fc6.i386.rpm
6ba31bd80e38afe2c33d010883b773ac35dbfaaa i386/mono-data-sybase-1.1.17.1-5.fc6.i386.rpm
79417f200015d228886fb1578a5d1a7cee4dc860 i386/mono-locale-extras-1.1.17.1-5.fc6.i386.rpm
bf3657ed09050d416d5903179408a5e5184151f9 i386/mono-jscript-1.1.17.1-5.fc6.i386.rpm
b8ee34399dad4ababcc7f05d38d259eb538f42d2 i386/mono-winforms-1.1.17.1-5.fc6.i386.rpm
06a35b8cab047a987b91fb8c56bbbf430418941c i386/debug/mono-debuginfo-1.1.17.1-5.fc6.i386.rpm
61da0ff9a964e7f4b5fad6f564e16ee60041b0bb i386/bytefx-data-mysql-1.1.17.1-5.fc6.i386.rpm
e87938e5c9377b2225e912b063efc42423e2c9a5 i386/mono-data-firebird-1.1.17.1-5.fc6.i386.rpm
1409e9b283b2a0106c0c6934015d39e8f0247f36 i386/mono-data-postgresql-1.1.17.1-5.fc6.i386.rpm
0b363840128412b069f8b177c66c5fbd1e251e53 i386/mono-core-1.1.17.1-5.fc6.i386.rpm
03a699d9c7b1b4c26eb657442d8636abe6a385ec i386/mono-extras-1.1.17.1-5.fc6.i386.rpm
3d15716dd32d6b2a61c9b3c3456276998762ba43 i386/mono-devel-1.1.17.1-5.fc6.i386.rpm
77678567e1b85e5f8fa3dceb4706592cd0d567f5 i386/mono-nunit-1.1.17.1-5.fc6.i386.rpm
c7b27019cd40c728145336515869617f98c523a8 i386/mono-data-oracle-1.1.17.1-5.fc6.i386.rpm
9eb9108c43c42ece90224e1236e087e73b146158 i386/mono-web-1.1.17.1-5.fc6.i386.rpm
b488f278c31dab016c28fb50c7ebc81c23dd277d i386/mono-nunit-devel-1.1.17.1-5.fc6.i386.rpm

References

http://www.vupen.com/english/advisories/2007/3880
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00455.html

ChangeLog

2007-11-16 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.