Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.71779
Category:Ubuntu Local Security Checks
Title:Ubuntu USN-136-1 (binutils)
Summary:NOSUMMARY
Description:Description:
The remote host is missing an update to binutils
announced via advisory USN-136-1.

Details follow:

Tavis Ormandy found an integer overflow in the Binary File Descriptor
(BFD) parser in the GNU debugger. The same vulnerable code is also
present in binutils. By tricking an user into processing a specially
crafted executable with the binutils tools (strings, objdump, nm,
readelf, etc.), an attacker could exploit this to execute arbitrary
code with the privileges of the user running the affected program.

Solution:
The following packages are affected:

binutils
binutils-multiarch

The problem can be corrected by upgrading the affected package to
version 2.14.90.0.7-8ubuntu0.2 (for Ubuntu 4.10), or 2.15-5ubuntu2.1
(for Ubuntu 5.04). In general, a standard system upgrade is
sufficient to effect the necessary changes.

https://secure1.securityspace.com/smysecure/catid.html?in=USN-136-1

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CAN-2005-1704
BugTraq ID: 13697
http://www.securityfocus.com/bid/13697
Bugtraq: 20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates (Google Search)
http://www.securityfocus.com/archive/1/464745/100/0/threaded
Conectiva Linux advisory: CLA-2006:1060
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=001060
http://security.gentoo.org/glsa/glsa-200505-15.xml
http://www.gentoo.org/security/en/glsa/glsa-200506-01.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2005:095
http://www.mandriva.com/security/advisories?name=MDKSA-2005:215
http://www.osvdb.org/16757
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9071
http://www.redhat.com/support/errata/RHSA-2005-659.html
http://www.redhat.com/support/errata/RHSA-2005-673.html
http://www.redhat.com/support/errata/RHSA-2005-709.html
http://www.redhat.com/support/errata/RHSA-2005-763.html
http://www.redhat.com/support/errata/RHSA-2005-801.html
http://www.redhat.com/support/errata/RHSA-2006-0354.html
http://www.redhat.com/support/errata/RHSA-2006-0368.html
http://securitytracker.com/id?1016544
http://secunia.com/advisories/15527
http://secunia.com/advisories/17001
http://secunia.com/advisories/17072
http://secunia.com/advisories/17135
http://secunia.com/advisories/17257
http://secunia.com/advisories/17356
http://secunia.com/advisories/17718
http://secunia.com/advisories/18506
http://secunia.com/advisories/21122
http://secunia.com/advisories/21262
http://secunia.com/advisories/21717
http://secunia.com/advisories/24788
SGI Security Advisory: 20060703-01-P
ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc
http://www.trustix.org/errata/2005/0025/
https://usn.ubuntu.com/136-1/
http://www.vupen.com/english/advisories/2007/1267
CopyrightCopyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.