Vulnerability Bulletins

int(1290)

Vulnerability Bulletins

Múltiples vulneravilidades en queue
Vulnerability classification
Property	Value
Confidence level	Oficial
Impact	Aumento de privilegios
Dificulty	Avanzado
Required attacker level	Acceso remoto con cuenta
System information
Property	Value
Affected manufacturer	GNU/Linux
Affected software	queue
Description
Se han encontrado algunas vulnerabilidades en la aplicación queue las cuales podrían ser aprovechas por un usuario local malicioso con el fin de escalar privilegios.
Solution
Actualización de software Debian Linux Debian Linux 3.0 Fuentes: http://security.debian.org/pool/updates/main/q/queue/queue_1.30.1-4woody2.dsc http://security.debian.org/pool/updates/main/q/queue/queue_1.30.1-4woody2.diff.gz http://security.debian.org/pool/updates/main/q/queue/queue_1.30.1.orig.tar.gz Alpha: http://security.debian.org/pool/updates/main/q/queue/queue_1.30.1-4woody2_alpha.deb ARM: http://security.debian.org/pool/updates/main/q/queue/queue_1.30.1-4woody2_arm.deb Intel IA-32: http://security.debian.org/pool/updates/main/q/queue/queue_1.30.1-4woody2_i386.deb Intel IA-64: http://security.debian.org/pool/updates/main/q/queue/queue_1.30.1-4woody2_ia64.deb HPPA: http://security.debian.org/pool/updates/main/q/queue/queue_1.30.1-4woody2_hppa.deb Motorola 680x0: http://security.debian.org/pool/updates/main/q/queue/queue_1.30.1-4woody2_m68k.deb Big endian MIPS: http://security.debian.org/pool/updates/main/q/queue/queue_1.30.1-4woody2_mips.deb Little endian MIPS: http://security.debian.org/pool/updates/main/q/queue/queue_1.30.1-4woody2_mipsel.deb PowerPC: http://security.debian.org/pool/updates/main/q/queue/queue_1.30.1-4woody2_powerpc.deb IBM S/390: http://security.debian.org/pool/updates/main/q/queue/queue_1.30.1-4woody2_s390.deb Sun Sparc: http://security.debian.org/pool/updates/main/q/queue/queue_1.30.1-4woody2_sparc.deb
Standar resources
Property	Value
CVE	CAN-2004-0555
BID
Other resources
Debian Security Advisory DSA-643-1 http://www.debian.org/security/2005/dsa-643

Version history
Version	Comments	Date
1.0	Aviso emitido	2005-01-20

Vulnerability Bulletins

Múltiples vulneravilidades en queue

Vulnerability classification

System information

Description

Solution

Standar resources

Other resources

Version history