From: Secunia Security Advisories (sec-advsecunia.com)
Date: Tue Dec 16 2003 - 03:21:30 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

TITLE:
Sun update for Zebra

SECUNIA ADVISORY ID:
SA10435

VERIFY ADVISORY:
http://www.secunia.com/advisories/10435/

CRITICAL:
Moderately critical

IMPACT:
DoS

WHERE:
From remote

OPERATING SYSTEM:
Sun Linux 5.x

DESCRIPTION:
Sun has issued updated packages for Zebra. These fix two
vulnerabilities allowing malicious people and local users to cause a
Denial of Service.

An unspecified vulnerability exists in the Zebra telnet management
service, which can be exploited to crash the service if a Zebra
password has been enabled.

It is possible for local users to cause a Denial of Service by
sending spoofed messages on the kernel netlink interface.

SOLUTION:
Updated packages:

ftp://ftp.cobalt.sun.com/pub/products/sunlinux/5.0/en/updates/i386/RPMS/zebra-0.91a-8.7.2.i386.rpm
ftp://ftp.cobalt.sun.com/pub/products/sunlinux/5.0/en/updates/i386/SRPMS/zebra-0.91a-8.7.2.src.rpm

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://www.secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://www.secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories

----------------------------------------------------------------------

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]