Secunia Security Advisory 26282

Secunia Security Advisory 26282: Posted Aug 1, 2007; Authored by Secunia | Site secunia.com; Secunia Security Advisory - Debian has issued an update for xfs. This fixes a vulnerability, which can be exploited by malicious, local users to perform actions with escalated privileges.; tags | advisory, local; systems | linux, debian; SHA-256 | c4e508f7b7e73fc8fc0bcb0d78fec49d04e14f18ab891456752afc84a2f794d6; Download | Favorite | View

Secunia Security Advisory 26282



----------------------------------------------------------------------

BETA test the new Secunia Personal Software Inspector!

The Secunia PSI detects installed software on your computer and
categorises it as either Insecure, End-of-Life, or Up-To-Date.
Effectively enabling you to focus your attention on software
installations where more secure versions are available from the
vendors.

Download the free PSI BETA from the Secunia website:
https://psi.secunia.com/

----------------------------------------------------------------------

TITLE:
Debian update for xfs

SECUNIA ADVISORY ID:
SA26282

VERIFY ADVISORY:
http://secunia.com/advisories/26282/

CRITICAL:
Not critical

IMPACT:
Privilege escalation

WHERE:
Local system

OPERATING SYSTEM:
Debian GNU/Linux 4.0
http://secunia.com/product/13844/
Debian GNU/Linux 3.1
http://secunia.com/product/5307/
Debian GNU/Linux unstable alias sid
http://secunia.com/product/530/

DESCRIPTION:
Debian has issued an update for xfs. This fixes a vulnerability,
which can be exploited by malicious, local users to perform actions
with escalated privileges.

For more information:
SA26056

SOLUTION:
Apply updated packages.

-- Debian GNU/Linux 3.1 alias sarge --

There are no updated packages yet. Reportedly, these will be provided
in an upcoming security update.

-- Debian GNU/Linux 4.0 alias etch --

Source archives:

http://security.debian.org/pool/updates/main/x/xfs/xfs_1.0.1-6.dsc
Size/MD5 checksum: 794 938a05eb2b1638fc49b4d7101084c69b
http://security.debian.org/pool/updates/main/x/xfs/xfs_1.0.1-6.diff.gz
Size/MD5 checksum: 28440 0eeacd5783c66b937eaa1dbde6145401
http://security.debian.org/pool/updates/main/x/xfs/xfs_1.0.1.orig.tar.gz
Size/MD5 checksum: 174623 32e8b6b24ec3d4c0de11d81061640cc2

Alpha architecture:

http://security.debian.org/pool/updates/main/x/xfs/xfs_1.0.1-6_alpha.deb
Size/MD5 checksum: 75520 0becb7909f5d9df1621d1a8b153eab2b

AMD64 architecture:

http://security.debian.org/pool/updates/main/x/xfs/xfs_1.0.1-6_amd64.deb
Size/MD5 checksum: 65224 632e1a2416a91e079fe16f19f8c18f37

ARM architecture:

http://security.debian.org/pool/updates/main/x/xfs/xfs_1.0.1-6_arm.deb
Size/MD5 checksum: 61330 41a50afe7ca54708028f8929ef9f62a8

HP Precision architecture:

http://security.debian.org/pool/updates/main/x/xfs/xfs_1.0.1-6_hppa.deb
Size/MD5 checksum: 68312 31b1450c324283337298f0671491eddd

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/x/xfs/xfs_1.0.1-6_i386.deb
Size/MD5 checksum: 56856 40191532dd37541d09a9ff62bf9e6189

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/x/xfs/xfs_1.0.1-6_ia64.deb
Size/MD5 checksum: 97348 31aacc8828c1dc532db8d5b630de5f5c

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/x/xfs/xfs_1.0.1-6_mips.deb
Size/MD5 checksum: 69112 c0797a23074512e31edeef83a57817b5

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/x/xfs/xfs_1.0.1-6_mipsel.deb
Size/MD5 checksum: 69032 3a44f04fd9e3f4b84fd03889bcebeb56

PowerPC architecture:

http://security.debian.org/pool/updates/main/x/xfs/xfs_1.0.1-6_powerpc.deb
Size/MD5 checksum: 64512 00d156e38ef0cf5f5257ae90cef496a2

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/x/xfs/xfs_1.0.1-6_s390.deb
Size/MD5 checksum: 67514 710d362f9183b98f817736e466c89d35

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/x/xfs/xfs_1.0.1-6_sparc.deb
Size/MD5 checksum: 57382 8a32daa22fd7630ff4101e21a4cfaf7d

-- Debian GNU/Linux unstable alias sid --

Fixed in version 1.0.4-2.

ORIGINAL ADVISORY:
http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00104.html

OTHER REFERENCES:
SA26056:
http://secunia.com/advisories/26056/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Top Authors In Last 30 Days

Red Hat 239 files
Ubuntu 62 files
Debian 23 files
LiquidWorm 20 files
Apple 9 files
indoushka 5 files
Gentoo 5 files
Google Security Research 4 files
Chokri Hammedi 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,862)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,265)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,976)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

Secunia Security Advisory 26282

Secunia Security Advisory 26282

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Secunia Security Advisory 26282

Share This

Secunia Security Advisory 26282

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems