Boletines de Vulnerabilidades |
Desbordamiento de búfer en Mono |
|
Clasificación de la vulnerabilidad |
|
Propiedad | Valor |
Nivel de Confianza | Oficial |
Impacto | Obtener acceso |
Dificultad | Experto |
Requerimientos del atacante | Acceso remoto sin cuenta a un servicio estandar |
Información sobre el sistema |
|
Propiedad | Valor |
Fabricante afectado | GNU/Linux |
Software afectado | Mono |
Descripción |
|
Se ha encontrado una vulnerabilidad del tipo desbordamiento de búfer en Mono. La vulnerabilidad reside en un error en la clase Mono.Math.BigInteger. Un atacante remoto podría ejecutar código arbitrario mediante métodos todavía no especificados. |
|
Solución |
|
Actualización de software Suse Linux Las actualizaciones pueden descargarse mediante YAST o del servidor FTP oficial de Suse Linux. Debian (DSA 1397-1) Debian Linux 4.0 Source http://security.debian.org/pool/updates/main/m/mono/mono_1.2.2.1-1etch1.dsc http://security.debian.org/pool/updates/main/m/mono/mono_1.2.2.1-1etch1.diff.gz http://security.debian.org/pool/updates/main/m/mono/mono_1.2.2.1.orig.tar.gz Architecture independent http://security.debian.org/pool/updates/main/m/mono/libmono-accessibility1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-accessibility2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-bytefx0.7.6.1-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-bytefx0.7.6.2-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-c5-1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-cairo1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-cairo2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-corlib1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-corlib2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-cscompmgd7.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-cscompmgd8.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-data-tds1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-data-tds2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-firebirdsql1.7-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-ldap1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-ldap2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-microsoft-build2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-microsoft7.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-microsoft8.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-npgsql1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-npgsql2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-oracle1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-oracle2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-peapi1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-peapi2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-relaxng1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-relaxng2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-security1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-security2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-sharpzip0.6-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-sharpzip0.84-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-sharpzip2.6-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-sharpzip2.84-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-sqlite1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-sqlite2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-system-data1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-system-data2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-system-ldap1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-system-ldap2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-system-messaging1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-system-messaging2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-system-runtime1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-system-runtime2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-system-web1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-system-web2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-system1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-system2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-winforms1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-winforms2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/mono-gac_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/mono-gmcs_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/mono-mcs_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/mono-mjs_1.2.2.1-1etch1_all.deb AMD64 http://security.debian.org/pool/updates/main/m/mono/libmono-dev_1.2.2.1-1etch1_amd64.deb http://security.debian.org/pool/updates/main/m/mono/libmono0_1.2.2.1-1etch1_amd64.deb http://security.debian.org/pool/updates/main/m/mono/mono_1.2.2.1-1etch1_amd64.deb http://security.debian.org/pool/updates/main/m/mono/mono-common_1.2.2.1-1etch1_amd64.deb http://security.debian.org/pool/updates/main/m/mono/mono-devel_1.2.2.1-1etch1_amd64.deb http://security.debian.org/pool/updates/main/m/mono/mono-jay_1.2.2.1-1etch1_amd64.deb http://security.debian.org/pool/updates/main/m/mono/mono-jit_1.2.2.1-1etch1_amd64.deb http://security.debian.org/pool/updates/main/m/mono/mono-runtime_1.2.2.1-1etch1_amd64.deb http://security.debian.org/pool/updates/main/m/mono/mono-utils_1.2.2.1-1etch1_amd64.deb ARM http://security.debian.org/pool/updates/main/m/mono/libmono-dev_1.2.2.1-1etch1_arm.deb http://security.debian.org/pool/updates/main/m/mono/libmono0_1.2.2.1-1etch1_arm.deb http://security.debian.org/pool/updates/main/m/mono/mono_1.2.2.1-1etch1_arm.deb http://security.debian.org/pool/updates/main/m/mono/mono-common_1.2.2.1-1etch1_arm.deb http://security.debian.org/pool/updates/main/m/mono/mono-devel_1.2.2.1-1etch1_arm.deb http://security.debian.org/pool/updates/main/m/mono/mono-jay_1.2.2.1-1etch1_arm.deb http://security.debian.org/pool/updates/main/m/mono/mono-jit_1.2.2.1-1etch1_arm.deb http://security.debian.org/pool/updates/main/m/mono/mono-runtime_1.2.2.1-1etch1_arm.deb http://security.debian.org/pool/updates/main/m/mono/mono-utils_1.2.2.1-1etch1_arm.deb Intel IA-32 http://security.debian.org/pool/updates/main/m/mono/libmono-dev_1.2.2.1-1etch1_i386.deb http://security.debian.org/pool/updates/main/m/mono/libmono0_1.2.2.1-1etch1_i386.deb http://security.debian.org/pool/updates/main/m/mono/mono_1.2.2.1-1etch1_i386.deb http://security.debian.org/pool/updates/main/m/mono/mono-common_1.2.2.1-1etch1_i386.deb http://security.debian.org/pool/updates/main/m/mono/mono-devel_1.2.2.1-1etch1_i386.deb http://security.debian.org/pool/updates/main/m/mono/mono-jay_1.2.2.1-1etch1_i386.deb http://security.debian.org/pool/updates/main/m/mono/mono-jit_1.2.2.1-1etch1_i386.deb http://security.debian.org/pool/updates/main/m/mono/mono-runtime_1.2.2.1-1etch1_i386.deb http://security.debian.org/pool/updates/main/m/mono/mono-utils_1.2.2.1-1etch1_i386.deb Intel IA-64 http://security.debian.org/pool/updates/main/m/mono/libmono-dev_1.2.2.1-1etch1_ia64.deb http://security.debian.org/pool/updates/main/m/mono/libmono0_1.2.2.1-1etch1_ia64.deb http://security.debian.org/pool/updates/main/m/mono/mono_1.2.2.1-1etch1_ia64.deb http://security.debian.org/pool/updates/main/m/mono/mono-common_1.2.2.1-1etch1_ia64.deb http://security.debian.org/pool/updates/main/m/mono/mono-devel_1.2.2.1-1etch1_ia64.deb http://security.debian.org/pool/updates/main/m/mono/mono-jay_1.2.2.1-1etch1_ia64.deb http://security.debian.org/pool/updates/main/m/mono/mono-jit_1.2.2.1-1etch1_ia64.deb http://security.debian.org/pool/updates/main/m/mono/mono-runtime_1.2.2.1-1etch1_ia64.deb http://security.debian.org/pool/updates/main/m/mono/mono-utils_1.2.2.1-1etch1_ia64.deb Mandriva (MDKSA-2007:218) Mandriva Linux 2007 X86 2007.0/i586/jay-1.1.17.1-5.3mdv2007.0.i586.rpm 2007.0/i586/libmono-runtime-1.1.17.1-5.3mdv2007.0.i586.rpm 2007.0/i586/libmono0-1.1.17.1-5.3mdv2007.0.i586.rpm 2007.0/i586/libmono0-devel-1.1.17.1-5.3mdv2007.0.i586.rpm 2007.0/i586/mono-1.1.17.1-5.3mdv2007.0.i586.rpm 2007.0/i586/mono-data-sqlite-1.1.17.1-5.3mdv2007.0.i586.rpm 2007.0/i586/mono-doc-1.1.17.1-5.3mdv2007.0.i586.rpm 2007.0/SRPMS/mono-1.1.17.1-5.3mdv2007.0.src.rpm X86_64 2007.0/x86_64/jay-1.1.17.1-5.3mdv2007.0.x86_64.rpm 2007.0/x86_64/lib64mono0-1.1.17.1-5.3mdv2007.0.x86_64.rpm 2007.0/x86_64/lib64mono0-devel-1.1.17.1-5.3mdv2007.0.x86_64.rpm 2007.0/x86_64/libmono-runtime-1.1.17.1-5.3mdv2007.0.x86_64.rpm 2007.0/x86_64/mono-1.1.17.1-5.3mdv2007.0.x86_64.rpm 2007.0/x86_64/mono-data-sqlite-1.1.17.1-5.3mdv2007.0.x86_64.rpm 2007.0/x86_64/mono-doc-1.1.17.1-5.3mdv2007.0.x86_64.rpm 2007.0/SRPMS/mono-1.1.17.1-5.3mdv2007.0.src.rpm Mandriva Linux 2007.1 X86 2007.1/i586/jay-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/libmono0-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/libmono0-devel-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-bytefx-data-mysql-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-data-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-data-firebird-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-data-oracle-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-data-postgresql-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-data-sqlite-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-data-sybase-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-doc-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-extras-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-ibm-data-db2-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-jscript-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-locale-extras-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-nunit-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-web-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-winforms-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/SRPMS/mono-1.2.3.1-4.1mdv2007.1.src.rpm X86_64 2007.1/x86_64/jay-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/lib64mono0-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/lib64mono0-devel-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-bytefx-data-mysql-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-data-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-data-firebird-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-data-oracle-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-data-postgresql-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-data-sqlite-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-data-sybase-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-doc-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-extras-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-ibm-data-db2-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-jscript-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-locale-extras-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-nunit-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-web-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-winforms-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/SRPMS/mono-1.2.3.1-4.1mdv2007.1.src.rpm Mandriva Linux 2008.0 X86 2008.0/i586/jay-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/libmono-devel-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/libmono0-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-bytefx-data-mysql-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-data-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-data-firebird-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-data-oracle-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-data-postgresql-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-data-sqlite-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-data-sybase-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-doc-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-extras-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-ibm-data-db2-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-jscript-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-locale-extras-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-nunit-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-web-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-winforms-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/SRPMS/mono-1.2.5-4.1mdv2008.0.src.rpm X86_64 2008.0/x86_64/jay-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/lib64mono-devel-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/lib64mono0-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-bytefx-data-mysql-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-data-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-data-firebird-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-data-oracle-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-data-postgresql-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-data-sqlite-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-data-sybase-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-doc-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-extras-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-ibm-data-db2-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-jscript-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-locale-extras-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-nunit-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-web-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-winforms-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/SRPMS/mono-1.2.5-4.1mdv2008.0.src.rpm |
|
Identificadores estándar |
|
Propiedad | Valor |
CVE | CVE-2007-5197 |
BID | 26279 |
Recursos adicionales |
|
SUSE Security Advisory (SUSE-SR:2007:023) http://www.novell.com/linux/security/advisories/2007_23_sr.html Debian Security Advisory (DSA 1397-1) http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00175.html Mandriva Security Advisory (MDKSA-2007:218) http://www.mandriva.com/security/advisories?name=MDKSA-2007:218 |
Histórico de versiones |
||
Versión | Comentario | Fecha |
1.0 | Aviso emitido | 2007-11-06 |
1.1 | Aviso emitido por Mandriva (MDKSA-2007:218) | 2007-11-15 |