Mandrake update for glibc
Secunia Advisory: SA10792
Release Date: 2004-02-05
Popularity: 6,948 views

Critical: Less critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch

OS: Mandrake Corporate Server 2.x
Mandrake Linux 9.x
Mandrake Multi Network Firewall 8.x


CVE reference: CVE-2002-1146


Description:
MandrakeSoft has released an updated package for glibc. This fixes an old vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) on a vulnerable system.

The vulnerability is caused by a boundary error. The problem occurs when looking up IP addresses, because the actual size of the DNS response is not checked. The maximum buffer size is used instead, which can cause the stub resolver to read past the allocated boundary, potentially resulting in a DoS.
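
The class of error described above, as an added example (not glibc's code and not part of the original advisory): a DNS answer walker whose only bound is the `limit` argument, run once with the buffer capacity and once with the number of bytes actually received. `MAXPACKET`, `parse_answers`, `check` and the sample packet are constructed for this illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define MAXPACKET 1024  /* receive-buffer capacity; value assumed for this example */
/* Skip one encoded name at off; return the next offset, or -1 if it would pass limit. */
static long skip_name(const uint8_t *msg, size_t off, size_t limit) {
    while (off < limit) {
        uint8_t len = msg[off];
        if (len == 0) return (long)off + 1;               /* root label ends the name */
        if ((len & 0xC0) == 0xC0)                         /* 2-byte compression pointer */
            return off + 2 <= limit ? (long)off + 2 : -1;
        off += 1 + (size_t)len;                           /* ordinary label */
    }
    return -1;
}

/* Return the answer count if every record lies inside msg[0..limit), else -1. */
long parse_answers(const uint8_t *msg, size_t limit) {
    if (limit < 12) return -1;                            /* fixed DNS header */
    unsigned qd = (msg[4] << 8) | msg[5], an = (msg[6] << 8) | msg[7];
    size_t off = 12;
    for (unsigned i = 0; i < qd + an; i++) {
        size_t fixed = i < qd ? 4 : 10;   /* QTYPE+QCLASS, or TYPE..RDLENGTH */
        long n = skip_name(msg, off, limit);
        if (n < 0 || (size_t)n + fixed > limit) return -1;
        off = (size_t)n + fixed;
        if (i >= qd) off += ((size_t)msg[off - 2] << 8) | msg[off - 1];  /* RDATA */
        if (off > limit) return -1;
    }
    return (long)an;
}

/* Constructed response: the header claims 2 answers, only 1 was received. */
static const uint8_t SAMPLE[] = {
    0x12,0x34, 0x81,0x80, 0,1, 0,2, 0,0, 0,0,             /* header: QD=1, AN=2 */
    1,'a',0, 0,1, 0,1,                                    /* question: a. A IN */
    0xC0,0x0C, 0,1, 0,1, 0,0,0,60, 0,4, 192,0,2,1         /* answer 1: A 192.0.2.1 */
};
/* Parse SAMPLE from a full-size buffer, bounded by capacity or by received length. */
long check(int trust_capacity) {
    uint8_t buf[MAXPACKET] = {0};         /* bytes past the response were never received */
    memcpy(buf, SAMPLE, sizeof SAMPLE);
    return parse_answers(buf, trust_capacity ? sizeof buf : sizeof SAMPLE);
}

int main(void) {
    printf("capacity as limit: %ld, received length: %ld\n", check(1), check(0));
    return 0;
}
```

With the capacity as the bound, the walker accepts a second "answer" assembled from bytes that were never part of the response; with the received length as the bound, the same message is rejected as truncated.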

Solution:
Updated packages:
http://www.mandrakesecure.net/en/ftp.php

Original Advisory:
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:009

