OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
[SA16988] Debian update for loop-aes-utils

From: Secunia Security Advisories (sec-advsecunia.com)
Date: Fri Sep 30 2005 - 06:20:25 CDT


TITLE:
Debian update for loop-aes-utils

SECUNIA ADVISORY ID:
SA16988

VERIFY ADVISORY:
http://secunia.com/advisories/16988/

CRITICAL:
Not critical

IMPACT:
Privilege escalation

WHERE:
Local system

OPERATING SYSTEM:
Debian GNU/Linux 3.1
http://secunia.com/product/5307/
Debian GNU/Linux unstable alias sid
http://secunia.com/product/530/

DESCRIPTION:
Debian has issued an update for loop-aes-utils. This fixes a security
issue, which potentially can be exploited by malicious, local users to
gain escalated privileges.

For more information:
SA16785

SOLUTION:
Apply updated packages.

-- Debian GNU/Linux 3.1 alias sarge --

Source archives:

http://security.debian.org/pool/updates/main/l/loop-aes-utils/loop-aes-utils_2.12p-4sarge1.dsc
Size/MD5 checksum: 684 e708365ea3b674ef3983edda999d8070
http://security.debian.org/pool/updates/main/l/loop-aes-utils/loop-aes-utils_2.12p-4sarge1.diff.gz
Size/MD5 checksum: 69614 f085322d67f1300c914910c1ca1fd95f
http://security.debian.org/pool/updates/main/l/loop-aes-utils/loop-aes-utils_2.12p.orig.tar.gz
Size/MD5 checksum: 2001658 d47e820f6880c21c8b4c0c7e8a7376cc

Alpha architecture:

http://security.debian.org/pool/updates/main/l/loop-aes-utils/loop-aes-utils_2.12p-4sarge1_alpha.deb
Size/MD5 checksum: 169938 66c4a72d906d1e55965165e3b6f49689

AMD64 architecture:

http://security.debian.org/pool/updates/main/l/loop-aes-utils/loop-aes-utils_2.12p-4sarge1_amd64.deb
Size/MD5 checksum: 150498 9d6d3455ac704fa38601a2a1670d9f2a

ARM architecture:

http://security.debian.org/pool/updates/main/l/loop-aes-utils/loop-aes-utils_2.12p-4sarge1_arm.deb
Size/MD5 checksum: 142030 c7c7fc0cb178d9b9878d936f0a8426e3

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/l/loop-aes-utils/loop-aes-utils_2.12p-4sarge1_i386.deb
Size/MD5 checksum: 142250 de42b52353becd80ee61922a1b21486a

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/l/loop-aes-utils/loop-aes-utils_2.12p-4sarge1_ia64.deb
Size/MD5 checksum: 190858 ede8efa9e792c2e8e05ddc08b1570670

HP Precision architecture:

http://security.debian.org/pool/updates/main/l/loop-aes-utils/loop-aes-utils_2.12p-4sarge1_hppa.deb
Size/MD5 checksum: 156618 d326b2462c0f9abd2278e0ea4c809183

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/l/loop-aes-utils/loop-aes-utils_2.12p-4sarge1_m68k.deb
Size/MD5 checksum: 132244 de86a9f8f29f23ea7d2b8ee896844ba6

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/l/loop-aes-utils/loop-aes-utils_2.12p-4sarge1_mips.deb
Size/MD5 checksum: 159556 f37ed88ed75765546aba0ae13e2f80ab

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/l/loop-aes-utils/loop-aes-utils_2.12p-4sarge1_mipsel.deb
Size/MD5 checksum: 160092 2a89a577a2edec9920050650b7e96484

PowerPC architecture:

http://security.debian.org/pool/updates/main/l/loop-aes-utils/loop-aes-utils_2.12p-4sarge1_powerpc.deb
Size/MD5 checksum: 155064 64bb3aff51cdff0a0bc6851e9aed2ddd

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/l/loop-aes-utils/loop-aes-utils_2.12p-4sarge1_s390.deb
Size/MD5 checksum: 153226 9a4bb20c30f7cf5127c0c5ec6f0862e8

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/l/loop-aes-utils/loop-aes-utils_2.12p-4sarge1_sparc.deb
Size/MD5 checksum: 142068 15cb6e8097a22a66e77ff7fd0aebbe76

-- Debian GNU/Linux unstable alias sid --

Fixed in version 2.12p-9.

ORIGINAL ADVISORY:
http://www.debian.org/security/2005/dsa-825

OTHER REFERENCES:
SA16785:
http://secunia.com/advisories/16785/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories

----------------------------------------------------------------------