Ubuntu Security Notice 279-1

Ubuntu Security Notice 279-1: Posted May 6, 2006; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 279-1 - Jayesh KS discovered that the nasl_split() function in the NASL (Nessus Attack Scripting Language) library did not check for a zero-length separator argument, which lead to an invalid memory allocation. This library is primarily used in the Nessus security scanner; a remote attacker could exploit this vulnerability to cause the Nessus daemon to crash.; tags | advisory, remote; systems | linux, ubuntu; advisories | CVE-2006-2093; SHA-256 | 82f35fda1138e8ecebf21b1f0ac12d01b4fd5e721f8ad6382c3d5164747790e0; Download | Favorite | View

Ubuntu Security Notice 279-1

===========================================================
Ubuntu Security Notice USN-279-1         May 03, 2006
libnasl vulnerability
CVE-2006-2093
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.04 (Hoary Hedgehog)
Ubuntu 5.10 (Breezy Badger)

The following packages are affected:

libnasl2

The problem can be corrected by upgrading the affected package to
version 2.2.3-1ubuntu0.1 (libnasl-dev and libnasl2) and
2.2.4-1ubuntu0.1 (libnasl-dev and libnasl2). After a standard system
upgrade you need to restart nessusd to effect the necessary changes.

Details follow:

Jayesh KS discovered that the nasl_split() function in the NASL
(Nessus Attack Scripting Language) library did not check for a
zero-length separator argument, which lead to an invalid memory
allocation. This library is primarily used in the Nessus security
scanner; a remote attacker could exploit this vulnerability to cause
the Nessus daemon to crash.


Updated packages for Ubuntu 5.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libn/libnasl/libnasl_2.2.3-1ubuntu0.1.diff.gz
      Size/MD5:   325024 934e559032064bdbfaf178e0e64b347d
    http://security.ubuntu.com/ubuntu/pool/main/libn/libnasl/libnasl_2.2.3-1ubuntu0.1.dsc
      Size/MD5:      758 3326827ac8f9245a9188222ac517224d
    http://security.ubuntu.com/ubuntu/pool/main/libn/libnasl/libnasl_2.2.3.orig.tar.gz
      Size/MD5:   360918 ee66b86f0a808c9eb1e1756490e5c067

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/libn/libnasl/libnasl-dev_2.2.3-1ubuntu0.1_amd64.deb
      Size/MD5:   334004 81c12b0e563175c9add90f462d55c46d
    http://security.ubuntu.com/ubuntu/pool/main/libn/libnasl/libnasl2_2.2.3-1ubuntu0.1_amd64.deb
      Size/MD5:   101580 63413de59bcc9efe8cacbcc34380df67

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/libn/libnasl/libnasl-dev_2.2.3-1ubuntu0.1_i386.deb
      Size/MD5:   312834 8c0bfa1daf1854ef200cc9bb4e50a54c
    http://security.ubuntu.com/ubuntu/pool/main/libn/libnasl/libnasl2_2.2.3-1ubuntu0.1_i386.deb
      Size/MD5:    95840 4d8e2c1a91d8fc991f2fd1716b8583cb

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/libn/libnasl/libnasl-dev_2.2.3-1ubuntu0.1_powerpc.deb
      Size/MD5:   338600 33be5486ddf9ca014d27bf77281200f0
    http://security.ubuntu.com/ubuntu/pool/main/libn/libnasl/libnasl2_2.2.3-1ubuntu0.1_powerpc.deb
      Size/MD5:    99624 98dcfe611e5029dc619caf72dfd4da86

Updated packages for Ubuntu 5.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libn/libnasl/libnasl_2.2.4-1ubuntu0.1.diff.gz
      Size/MD5:   325052 1a6cb2d4eba535bf7d04c86e28753fce
    http://security.ubuntu.com/ubuntu/pool/main/libn/libnasl/libnasl_2.2.4-1ubuntu0.1.dsc
      Size/MD5:      758 77166e15fa4998fccb44c731649318b9
    http://security.ubuntu.com/ubuntu/pool/main/libn/libnasl/libnasl_2.2.4.orig.tar.gz
      Size/MD5:   361551 47de3e86725b5f54f5752233a4bc1ea8

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/libn/libnasl/libnasl-dev_2.2.4-1ubuntu0.1_amd64.deb
      Size/MD5:   342848 312e410daa37b832a4462c0fd43a256e
    http://security.ubuntu.com/ubuntu/pool/main/libn/libnasl/libnasl2_2.2.4-1ubuntu0.1_amd64.deb
      Size/MD5:   105872 17131088c3fcf03c61ff48c1068de163

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/libn/libnasl/libnasl-dev_2.2.4-1ubuntu0.1_i386.deb
      Size/MD5:   314346 3e306ca23afe7008bc7fb1e0864763fa
    http://security.ubuntu.com/ubuntu/pool/main/libn/libnasl/libnasl2_2.2.4-1ubuntu0.1_i386.deb
      Size/MD5:    96150 dc30810ccc3d00679da3f081517ada1d

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/libn/libnasl/libnasl-dev_2.2.4-1ubuntu0.1_powerpc.deb
      Size/MD5:   344788 fa5ead6eae23d5811973691236068b5a
    http://security.ubuntu.com/ubuntu/pool/main/libn/libnasl/libnasl2_2.2.4-1ubuntu0.1_powerpc.deb
      Size/MD5:   102438 25bf747848d3cec7561298f198ffa1f5

Top Authors In Last 30 Days

Red Hat 300 files
Ubuntu 65 files
LiquidWorm 25 files
Debian 18 files
indoushka 15 files
Apple 10 files
Google Security Research 7 files
Gentoo 5 files
Emiliano Febbi 3 files
Chokri Hammedi 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,155)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,813)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,236)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,965)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

Ubuntu Security Notice 279-1

Ubuntu Security Notice 279-1

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Ubuntu Security Notice 279-1

Share This

Ubuntu Security Notice 279-1

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems