Vulnerability Bulletins |
Denegación de servicio en Opal |
|
Vulnerability classification |
|
| Property | Value |
| Confidence level | Oficial |
| Impact | Denegación de Servicio |
| Dificulty | Experto |
| Required attacker level | Acceso remoto sin cuenta a un servicio estandar |
System information |
|
| Property | Value |
| Affected manufacturer | GNU/Linux |
| Affected software | Opal |
Description |
|
|
Se ha encontrado una vulnerabilidad en Opal. La vulnerabilidad reside en la forma en que maneja ciertos paquetes del Session Initiation Protocol. Un atacante remoto podría causar una denegación de servicio en una aplicación que esté enlazada con opal. |
|
Solution |
|
|
Actualización de software Red Hat (RHSA-2007:0957-3) RHEL Desktop Workstation (v. 5 client) RHEL Optional Productivity Applications (v. 5 server) Red Hat Enterprise Linux Desktop (v. 5 client) https://rhn.redhat.com/ Mandriva (MDKSA-2007:205) Mandriva Linux 2007 X86 2007.0/i586/libopal2-2.2.3-1.1mdv2007.0.i586.rpm 2007.0/i586/libopal2-devel-2.2.3-1.1mdv2007.0.i586.rpm 2007.0/SRPMS/opal-2.2.3-1.1mdv2007.0.src.rpm X86_64 2007.0/x86_64/lib64opal2-2.2.3-1.1mdv2007.0.x86_64.rpm 2007.0/x86_64/lib64opal2-devel-2.2.3-1.1mdv2007.0.x86_64.rpm 2007.0/SRPMS/opal-2.2.3-1.1mdv2007.0.src.rpm Mandriva Linux 2007.1 X86 2007.1/i586/libopal2-2.2.6-1.1mdv2007.1.i586.rpm 2007.1/i586/libopal2-devel-2.2.6-1.1mdv2007.1.i586.rpm 2007.1/SRPMS/opal-2.2.6-1.1mdv2007.1.src.rpm X86_64 2007.1/x86_64/lib64opal2-2.2.6-1.1mdv2007.1.x86_64.rpm 2007.1/x86_64/lib64opal2-devel-2.2.6-1.1mdv2007.1.x86_64.rpm 2007.1/SRPMS/opal-2.2.6-1.1mdv2007.1.src.rpm Ubuntu (USN-562-1 ) Ubuntu 6.06 LTS libopal-2.2.0 / patch 2.2.1-1ubuntu1.1 Ubuntu 6.10 libopal-2.2.0 / patch 2.2.3.dfsg-0ubuntu2.1 Ubuntu 7.04 libopal-2.2.0 / patch 2.2.3.dfsg-2ubuntu2.1 |
|
Standar resources |
|
| Property | Value |
| CVE | CVE-2007-4924 |
| BID | |
Other resources |
|
|
Red Hat Security Advisory (RHSA-2007:0957-3) https://rhn.redhat.com/errata/RHSA-2007-0957.html Mandriva Security Advisory (MDKSA-2007:205) http://www.mandriva.com/security/advisories?name=MDKSA-2007:205 Ubuntu Security Advisory (USN-562-1) http://www.ubuntu.com/usn/usn-562-1 |
|
Version history |
||
| Version | Comments | Date |
| 1.0 | Aviso emitido | 2007-10-08 |
| 1.1 | Aviso emitido por Mandriva (MDKSA-2007:205) | 2007-11-07 |
| 1.2 | Aviso emitido por Ubuntu (USN-562-1) | 2008-01-11 |