lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20070518215232.GA24757@outflux.net>
Date: Fri, 18 May 2007 14:52:32 -0700
From: Kees Cook <kees@...ntu.com>
To: ubuntu-security-announce@...ts.ubuntu.com
Cc: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk
Subject: [USN-436-2] KTorrent vulnerability

=========================================================== 
Ubuntu Security Notice USN-436-2               May 18, 2007
ktorrent vulnerability
CVE-2007-1799
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  ktorrent                                 1.2-0ubuntu5.2

Ubuntu 6.10:
  ktorrent                                 2.0.3+dfsg1-0ubuntu1.2

Ubuntu 7.04:
  ktorrent                                 2.1-0ubuntu2.1

After a standard system upgrade you need to restart KTorrent to effect 
the necessary changes.

Details follow:

USN-436-1 fixed a vulnerability in KTorrent.  The original fix for path 
traversal was incomplete, allowing for alternate vectors of attack.  
This update solves the problem.

Original advisory details:

 Bryan Burns of Juniper Networks discovered that KTorrent did not 
 correctly validate the destination file paths nor the HAVE statements 
 sent by torrent peers. A malicious remote peer could send specially 
 crafted messages to overwrite files or execute arbitrary code with user 
 privileges.


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/k/ktorrent/ktorrent_1.2-0ubuntu5.2.diff.gz
      Size/MD5:    43908 4b55922fe7424a6917521604a1a30bd6
    http://security.ubuntu.com/ubuntu/pool/main/k/ktorrent/ktorrent_1.2-0ubuntu5.2.dsc
      Size/MD5:      785 f3b9690bf3818c509f96680ebaa7f597
    http://security.ubuntu.com/ubuntu/pool/main/k/ktorrent/ktorrent_1.2.orig.tar.gz
      Size/MD5:  1447380 55c6c4ae679aea0ba0370058856ddb92

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/k/ktorrent/ktorrent_1.2-0ubuntu5.2_amd64.deb
      Size/MD5:   799786 b1bd2e290ab006d9f3b4fba8b5c89e1f

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/k/ktorrent/ktorrent_1.2-0ubuntu5.2_i386.deb
      Size/MD5:   756728 cbd80bdb43896a174336226b5f97cce4

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/k/ktorrent/ktorrent_1.2-0ubuntu5.2_powerpc.deb
      Size/MD5:   790630 e89da3850d7ffb80b8512ba7a454ad9f

  sparc architecture (Sun SPARC/UltraSPARC)

    http://security.ubuntu.com/ubuntu/pool/main/k/ktorrent/ktorrent_1.2-0ubuntu5.2_sparc.deb
      Size/MD5:   759562 e47ed41ae1ca4543bd9c642ff2b0eff9

Updated packages for Ubuntu 6.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/k/ktorrent/ktorrent_2.0.3+dfsg1-0ubuntu1.2.diff.gz
      Size/MD5:   337132 a946ad69c0bf0041c27432874e14455d
    http://security.ubuntu.com/ubuntu/pool/main/k/ktorrent/ktorrent_2.0.3+dfsg1-0ubuntu1.2.dsc
      Size/MD5:      754 c3d171b3a900e009d0bf01802045c4be
    http://security.ubuntu.com/ubuntu/pool/main/k/ktorrent/ktorrent_2.0.3+dfsg1.orig.tar.gz
      Size/MD5:  2183661 891f2cc509331a4283f958b068bbcf7d

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/k/ktorrent/ktorrent_2.0.3+dfsg1-0ubuntu1.2_amd64.deb
      Size/MD5:  1221058 9b5c8a651ad77cf6b92216ede3535567

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/k/ktorrent/ktorrent_2.0.3+dfsg1-0ubuntu1.2_i386.deb
      Size/MD5:  1182820 cac90a9294b823590345661faa1e5847

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/k/ktorrent/ktorrent_2.0.3+dfsg1-0ubuntu1.2_powerpc.deb
      Size/MD5:  1205294 7cbfc992145b665864ad260352550e12

  sparc architecture (Sun SPARC/UltraSPARC)

    http://security.ubuntu.com/ubuntu/pool/main/k/ktorrent/ktorrent_2.0.3+dfsg1-0ubuntu1.2_sparc.deb
      Size/MD5:  1159814 0503cdf19dfa44f0b5acc3b65a69aa71

Updated packages for Ubuntu 7.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/k/ktorrent/ktorrent_2.1-0ubuntu2.1.diff.gz
      Size/MD5:     7286 ae881c04eaa732f36ebbf827f24427bf
    http://security.ubuntu.com/ubuntu/pool/main/k/ktorrent/ktorrent_2.1-0ubuntu2.1.dsc
      Size/MD5:      749 e1bb6d3f0d0b6f8b92079fa27cb8c3d1
    http://security.ubuntu.com/ubuntu/pool/main/k/ktorrent/ktorrent_2.1.orig.tar.gz
      Size/MD5:  3459985 2e3c350fe02b68936a6f8f6460fae8f6

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/k/ktorrent/ktorrent_2.1-0ubuntu2.1_amd64.deb
      Size/MD5:  2445288 db1df770f52eaad7ac5752c0e82e2473

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/k/ktorrent/ktorrent_2.1-0ubuntu2.1_i386.deb
      Size/MD5:  2404202 8cf7a153dac6556701bb54751b5f65a1

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/k/ktorrent/ktorrent_2.1-0ubuntu2.1_powerpc.deb
      Size/MD5:  2538566 6752811ccc287953e08fa5922fcf8e73

  sparc architecture (Sun SPARC/UltraSPARC)

    http://security.ubuntu.com/ubuntu/pool/main/k/ktorrent/ktorrent_2.1-0ubuntu2.1_sparc.deb
      Size/MD5:  2408286 576d5404aea241223ac804a4c72cf5ae


Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ