Vulnerability Bulletins |
Desbordamiento de búfer en Mono |
|
Vulnerability classification |
|
Property | Value |
Confidence level | Oficial |
Impact | Obtener acceso |
Dificulty | Experto |
Required attacker level | Acceso remoto sin cuenta a un servicio estandar |
System information |
|
Property | Value |
Affected manufacturer | GNU/Linux |
Affected software | Mono |
Description |
|
Se ha encontrado una vulnerabilidad del tipo desbordamiento de búfer en Mono. La vulnerabilidad reside en un error en la clase Mono.Math.BigInteger. Un atacante remoto podría ejecutar código arbitrario mediante métodos todavía no especificados. |
|
Solution |
|
Actualización de software Suse Linux Las actualizaciones pueden descargarse mediante YAST o del servidor FTP oficial de Suse Linux. Debian (DSA 1397-1) Debian Linux 4.0 Source http://security.debian.org/pool/updates/main/m/mono/mono_1.2.2.1-1etch1.dsc http://security.debian.org/pool/updates/main/m/mono/mono_1.2.2.1-1etch1.diff.gz http://security.debian.org/pool/updates/main/m/mono/mono_1.2.2.1.orig.tar.gz Architecture independent http://security.debian.org/pool/updates/main/m/mono/libmono-accessibility1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-accessibility2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-bytefx0.7.6.1-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-bytefx0.7.6.2-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-c5-1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-cairo1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-cairo2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-corlib1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-corlib2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-cscompmgd7.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-cscompmgd8.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-data-tds1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-data-tds2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-firebirdsql1.7-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-ldap1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-ldap2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-microsoft-build2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-microsoft7.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-microsoft8.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-npgsql1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-npgsql2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-oracle1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-oracle2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-peapi1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-peapi2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-relaxng1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-relaxng2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-security1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-security2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-sharpzip0.6-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-sharpzip0.84-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-sharpzip2.6-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-sharpzip2.84-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-sqlite1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-sqlite2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-system-data1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-system-data2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-system-ldap1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-system-ldap2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-system-messaging1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-system-messaging2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-system-runtime1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-system-runtime2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-system-web1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-system-web2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-system1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-system2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-winforms1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono-winforms2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono1.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/libmono2.0-cil_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/mono-gac_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/mono-gmcs_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/mono-mcs_1.2.2.1-1etch1_all.deb http://security.debian.org/pool/updates/main/m/mono/mono-mjs_1.2.2.1-1etch1_all.deb AMD64 http://security.debian.org/pool/updates/main/m/mono/libmono-dev_1.2.2.1-1etch1_amd64.deb http://security.debian.org/pool/updates/main/m/mono/libmono0_1.2.2.1-1etch1_amd64.deb http://security.debian.org/pool/updates/main/m/mono/mono_1.2.2.1-1etch1_amd64.deb http://security.debian.org/pool/updates/main/m/mono/mono-common_1.2.2.1-1etch1_amd64.deb http://security.debian.org/pool/updates/main/m/mono/mono-devel_1.2.2.1-1etch1_amd64.deb http://security.debian.org/pool/updates/main/m/mono/mono-jay_1.2.2.1-1etch1_amd64.deb http://security.debian.org/pool/updates/main/m/mono/mono-jit_1.2.2.1-1etch1_amd64.deb http://security.debian.org/pool/updates/main/m/mono/mono-runtime_1.2.2.1-1etch1_amd64.deb http://security.debian.org/pool/updates/main/m/mono/mono-utils_1.2.2.1-1etch1_amd64.deb ARM http://security.debian.org/pool/updates/main/m/mono/libmono-dev_1.2.2.1-1etch1_arm.deb http://security.debian.org/pool/updates/main/m/mono/libmono0_1.2.2.1-1etch1_arm.deb http://security.debian.org/pool/updates/main/m/mono/mono_1.2.2.1-1etch1_arm.deb http://security.debian.org/pool/updates/main/m/mono/mono-common_1.2.2.1-1etch1_arm.deb http://security.debian.org/pool/updates/main/m/mono/mono-devel_1.2.2.1-1etch1_arm.deb http://security.debian.org/pool/updates/main/m/mono/mono-jay_1.2.2.1-1etch1_arm.deb http://security.debian.org/pool/updates/main/m/mono/mono-jit_1.2.2.1-1etch1_arm.deb http://security.debian.org/pool/updates/main/m/mono/mono-runtime_1.2.2.1-1etch1_arm.deb http://security.debian.org/pool/updates/main/m/mono/mono-utils_1.2.2.1-1etch1_arm.deb Intel IA-32 http://security.debian.org/pool/updates/main/m/mono/libmono-dev_1.2.2.1-1etch1_i386.deb http://security.debian.org/pool/updates/main/m/mono/libmono0_1.2.2.1-1etch1_i386.deb http://security.debian.org/pool/updates/main/m/mono/mono_1.2.2.1-1etch1_i386.deb http://security.debian.org/pool/updates/main/m/mono/mono-common_1.2.2.1-1etch1_i386.deb http://security.debian.org/pool/updates/main/m/mono/mono-devel_1.2.2.1-1etch1_i386.deb http://security.debian.org/pool/updates/main/m/mono/mono-jay_1.2.2.1-1etch1_i386.deb http://security.debian.org/pool/updates/main/m/mono/mono-jit_1.2.2.1-1etch1_i386.deb http://security.debian.org/pool/updates/main/m/mono/mono-runtime_1.2.2.1-1etch1_i386.deb http://security.debian.org/pool/updates/main/m/mono/mono-utils_1.2.2.1-1etch1_i386.deb Intel IA-64 http://security.debian.org/pool/updates/main/m/mono/libmono-dev_1.2.2.1-1etch1_ia64.deb http://security.debian.org/pool/updates/main/m/mono/libmono0_1.2.2.1-1etch1_ia64.deb http://security.debian.org/pool/updates/main/m/mono/mono_1.2.2.1-1etch1_ia64.deb http://security.debian.org/pool/updates/main/m/mono/mono-common_1.2.2.1-1etch1_ia64.deb http://security.debian.org/pool/updates/main/m/mono/mono-devel_1.2.2.1-1etch1_ia64.deb http://security.debian.org/pool/updates/main/m/mono/mono-jay_1.2.2.1-1etch1_ia64.deb http://security.debian.org/pool/updates/main/m/mono/mono-jit_1.2.2.1-1etch1_ia64.deb http://security.debian.org/pool/updates/main/m/mono/mono-runtime_1.2.2.1-1etch1_ia64.deb http://security.debian.org/pool/updates/main/m/mono/mono-utils_1.2.2.1-1etch1_ia64.deb Mandriva (MDKSA-2007:218) Mandriva Linux 2007 X86 2007.0/i586/jay-1.1.17.1-5.3mdv2007.0.i586.rpm 2007.0/i586/libmono-runtime-1.1.17.1-5.3mdv2007.0.i586.rpm 2007.0/i586/libmono0-1.1.17.1-5.3mdv2007.0.i586.rpm 2007.0/i586/libmono0-devel-1.1.17.1-5.3mdv2007.0.i586.rpm 2007.0/i586/mono-1.1.17.1-5.3mdv2007.0.i586.rpm 2007.0/i586/mono-data-sqlite-1.1.17.1-5.3mdv2007.0.i586.rpm 2007.0/i586/mono-doc-1.1.17.1-5.3mdv2007.0.i586.rpm 2007.0/SRPMS/mono-1.1.17.1-5.3mdv2007.0.src.rpm X86_64 2007.0/x86_64/jay-1.1.17.1-5.3mdv2007.0.x86_64.rpm 2007.0/x86_64/lib64mono0-1.1.17.1-5.3mdv2007.0.x86_64.rpm 2007.0/x86_64/lib64mono0-devel-1.1.17.1-5.3mdv2007.0.x86_64.rpm 2007.0/x86_64/libmono-runtime-1.1.17.1-5.3mdv2007.0.x86_64.rpm 2007.0/x86_64/mono-1.1.17.1-5.3mdv2007.0.x86_64.rpm 2007.0/x86_64/mono-data-sqlite-1.1.17.1-5.3mdv2007.0.x86_64.rpm 2007.0/x86_64/mono-doc-1.1.17.1-5.3mdv2007.0.x86_64.rpm 2007.0/SRPMS/mono-1.1.17.1-5.3mdv2007.0.src.rpm Mandriva Linux 2007.1 X86 2007.1/i586/jay-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/libmono0-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/libmono0-devel-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-bytefx-data-mysql-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-data-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-data-firebird-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-data-oracle-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-data-postgresql-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-data-sqlite-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-data-sybase-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-doc-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-extras-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-ibm-data-db2-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-jscript-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-locale-extras-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-nunit-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-web-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/i586/mono-winforms-1.2.3.1-4.1mdv2007.1.i586.rpm 2007.1/SRPMS/mono-1.2.3.1-4.1mdv2007.1.src.rpm X86_64 2007.1/x86_64/jay-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/lib64mono0-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/lib64mono0-devel-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-bytefx-data-mysql-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-data-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-data-firebird-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-data-oracle-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-data-postgresql-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-data-sqlite-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-data-sybase-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-doc-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-extras-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-ibm-data-db2-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-jscript-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-locale-extras-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-nunit-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-web-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/x86_64/mono-winforms-1.2.3.1-4.1mdv2007.1.x86_64.rpm 2007.1/SRPMS/mono-1.2.3.1-4.1mdv2007.1.src.rpm Mandriva Linux 2008.0 X86 2008.0/i586/jay-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/libmono-devel-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/libmono0-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-bytefx-data-mysql-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-data-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-data-firebird-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-data-oracle-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-data-postgresql-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-data-sqlite-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-data-sybase-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-doc-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-extras-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-ibm-data-db2-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-jscript-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-locale-extras-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-nunit-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-web-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/i586/mono-winforms-1.2.5-4.1mdv2008.0.i586.rpm 2008.0/SRPMS/mono-1.2.5-4.1mdv2008.0.src.rpm X86_64 2008.0/x86_64/jay-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/lib64mono-devel-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/lib64mono0-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-bytefx-data-mysql-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-data-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-data-firebird-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-data-oracle-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-data-postgresql-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-data-sqlite-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-data-sybase-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-doc-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-extras-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-ibm-data-db2-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-jscript-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-locale-extras-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-nunit-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-web-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/x86_64/mono-winforms-1.2.5-4.1mdv2008.0.x86_64.rpm 2008.0/SRPMS/mono-1.2.5-4.1mdv2008.0.src.rpm |
|
Standar resources |
|
Property | Value |
CVE | CVE-2007-5197 |
BID | 26279 |
Other resources |
|
SUSE Security Advisory (SUSE-SR:2007:023) http://www.novell.com/linux/security/advisories/2007_23_sr.html Debian Security Advisory (DSA 1397-1) http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00175.html Mandriva Security Advisory (MDKSA-2007:218) http://www.mandriva.com/security/advisories?name=MDKSA-2007:218 |
Version history |
||
Version | Comments | Date |
1.0 | Aviso emitido | 2007-11-06 |
1.1 | Aviso emitido por Mandriva (MDKSA-2007:218) | 2007-11-15 |