Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Full-disclosure] [USN-465-1] PulseAudio vulnerability

from [Kees Cook] Network Security [Permanent Link]
Subject: [Full-disclosure] [USN-465-1] PulseAudio vulnerability
Date: Fri, 25 May 2007 16:33:44 -0700 
=========================================================== 
Ubuntu Security Notice USN-465-1               May 25, 2007
pulseaudio vulnerability
CVE-2007-1804
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 7.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 7.04:
  pulseaudio                               0.9.5-5ubuntu4.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Luigi Auriemma discovered multiple flaws in pulseaudio's network
processing code.  If an unauthenticated attacker sent specially crafted
requests to the pulseaudio daemon, it would crash, resulting in a denial
of service.


Updated packages for Ubuntu 7.04:

  Source archives:

    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/pulseaudio_0.9.5-5ubuntu4.1.diff.gz
      Size/MD5:    16615 9d9b53272d9252e4927f0e51300f4fce
    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/pulseaudio_0.9.5-5ubuntu4.1.dsc
      Size/MD5:     1265 1474ef70032d18fe70b09047637bb2ac
    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/pulseaudio_0.9.5.orig.tar.gz
      Size/MD5:  1145930 99b5d9efd4fce35cabb4ae5d0ebb230d

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse-browse0_0.9.5-5ubuntu4.1_amd64.deb
      Size/MD5:    11358 3f38fa55e3e2ec7b8476772c8046b100
    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse-dev_0.9.5-5ubuntu4.1_amd64.deb
      Size/MD5:   181014 24bb58434084ba059fe03afee7e7c31a
    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse-mainloop-glib0_0.9.5-5ubuntu4.1_amd64.deb
      Size/MD5:    11434 7182d91212fe96fe269635f1619098c3
    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse0_0.9.5-5ubuntu4.1_amd64.deb
      Size/MD5:   111078 16a55c91c20d58271a2ad0f77111874d
    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/pulseaudio-esound-compat_0.9.5-5ubuntu4.1_amd64.deb
      Size/MD5:    27326 aafca78e8a359714d9261806ba0c883e
    
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio-module-gconf_0.9.5-5ubuntu4.1_amd64.deb
      Size/MD5:    12706 7d73bbce987c1f8792e96e67cd865983
    
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio-module-hal_0.9.5-5ubuntu4.1_amd64.deb
      Size/MD5:    14738 656c160743b689e8c876180b19d85700
    
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio-module-lirc_0.9.5-5ubuntu4.1_amd64.deb
      Size/MD5:     9102 aab1e8dc340901fc2ae6c648c56910e3
    
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio-module-x11_0.9.5-5ubuntu4.1_amd64.deb
      Size/MD5:    15980 40d971c18451d46380b9880ac1db09e6
    
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio-module-zeroconf_0.9.5-5ubuntu4.1_amd64.deb
      Size/MD5:    14446 87e590ceb4e0f241875eab95e42a7efa
    
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio-utils_0.9.5-5ubuntu4.1_amd64.deb
      Size/MD5:    52658 038c6d8dcad7aefc338f565349dcc7bd
    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/pulseaudio_0.9.5-5ubuntu4.1_amd64.deb
      Size/MD5:   331022 19c1f526d3c61cdee453fb3527405983

  i386 architecture (x86 compatible Intel/AMD)

    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse-browse0_0.9.5-5ubuntu4.1_i386.deb
      Size/MD5:    10692 9d8d4fd14f7659455357d9aed48f82a4
    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse-dev_0.9.5-5ubuntu4.1_i386.deb
      Size/MD5:   159072 be0f064914c83a102f1979a67063fb07
    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse-mainloop-glib0_0.9.5-5ubuntu4.1_i386.deb
      Size/MD5:    10862 a2aff8660f4e212552a11ee24bc67676
    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse0_0.9.5-5ubuntu4.1_i386.deb
      Size/MD5:   100038 5705deb6ebb7e61e74cad9a6e812e22d
    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/pulseaudio-esound-compat_0.9.5-5ubuntu4.1_i386.deb
      Size/MD5:    25520 4f7907dd870e564bec851003009baa88
    
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio-module-gconf_0.9.5-5ubuntu4.1_i386.deb
      Size/MD5:    12084 10f2fe882feed2906037e0cfef22a601
    
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio-module-hal_0.9.5-5ubuntu4.1_i386.deb
      Size/MD5:    13602 9578081e9c654ebb4f320a10a63d56fc
    
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio-module-lirc_0.9.5-5ubuntu4.1_i386.deb
      Size/MD5:     8820 66e9b2747e87d22e7ec1b6d4b62ee845
    
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio-module-x11_0.9.5-5ubuntu4.1_i386.deb
      Size/MD5:    14790 65d8e0ad1beb85ad97cd566a2e2b6469
    
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio-module-zeroconf_0.9.5-5ubuntu4.1_i386.deb
      Size/MD5:    13372 e590cdddd58c61dfa579f3c2934219eb
    
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio-utils_0.9.5-5ubuntu4.1_i386.deb
      Size/MD5:    48198 80f12132afc40c6d271d41a7b215af40
    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/pulseaudio_0.9.5-5ubuntu4.1_i386.deb
      Size/MD5:   295436 17d763d32247644f522bf93a75a4fcdc

  powerpc architecture (Apple Macintosh G3/G4/G5)

    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse-browse0_0.9.5-5ubuntu4.1_powerpc.deb
      Size/MD5:    13342 96d245fb4d15f25067352df991c341b8
    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse-dev_0.9.5-5ubuntu4.1_powerpc.deb
      Size/MD5:   188866 d035d439d4c41a2f087fad055a74477f
    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse-mainloop-glib0_0.9.5-5ubuntu4.1_powerpc.deb
      Size/MD5:    13648 8b8f2da9f7af64e6b5533466ad5ea3bd
    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse0_0.9.5-5ubuntu4.1_powerpc.deb
      Size/MD5:   112850 15aae1002e4c4002b148875a118e5b34
    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/pulseaudio-esound-compat_0.9.5-5ubuntu4.1_powerpc.deb
      Size/MD5:    34182 3a7ab26dc70070912548689ab29c81fc
    
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio-module-gconf_0.9.5-5ubuntu4.1_powerpc.deb
      Size/MD5:    16620 822d476b6a2c2c26b374c637de5bfe56
    
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio-module-hal_0.9.5-5ubuntu4.1_powerpc.deb
      Size/MD5:    17640 b7f71e82e296f1f550bdf1d08a9a9ea5
    
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio-module-lirc_0.9.5-5ubuntu4.1_powerpc.deb
      Size/MD5:    11244 0b80dbc5515e09c6c37e4cd8c8f7befd
    
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio-module-x11_0.9.5-5ubuntu4.1_powerpc.deb
      Size/MD5:    21130 1e8dfeea6cee351d01608bea8293c70a
    
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio-module-zeroconf_0.9.5-5ubuntu4.1_powerpc.deb
      Size/MD5:    17198 bdd9eb3124e86cfa8fd11c042a679d1b
    
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio-utils_0.9.5-5ubuntu4.1_powerpc.deb
      Size/MD5:    64366 eada22eef9025ed3e85382e38af2b59f
    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/pulseaudio_0.9.5-5ubuntu4.1_powerpc.deb
      Size/MD5:   391522 cb83477ac20e11a83cdb127fe43dc5e7

  sparc architecture (Sun SPARC/UltraSPARC)

    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse-browse0_0.9.5-5ubuntu4.1_sparc.deb
      Size/MD5:    10678 1a70960c9515b631e38e59441cf5597a
    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse-dev_0.9.5-5ubuntu4.1_sparc.deb
      Size/MD5:   172058 bb81ff554f84a64a7b78a7f91bf77158
    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse-mainloop-glib0_0.9.5-5ubuntu4.1_sparc.deb
      Size/MD5:    10782 9f6f8ead197f52fcc7250bd5ad461b40
    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse0_0.9.5-5ubuntu4.1_sparc.deb
      Size/MD5:   100766 36e81823c36a334b5a86c9aaab86b027
    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/pulseaudio-esound-compat_0.9.5-5ubuntu4.1_sparc.deb
      Size/MD5:    25460 8f5f3da84a662776a867037e230fa4cd
    
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio-module-gconf_0.9.5-5ubuntu4.1_sparc.deb
      Size/MD5:    12138 20a9cdd969e4102319d6bf40878a9939
    
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio-module-hal_0.9.5-5ubuntu4.1_sparc.deb
      Size/MD5:    13310 dee98af79f90fc0fa5108e450b8c6640
    
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio-module-lirc_0.9.5-5ubuntu4.1_sparc.deb
      Size/MD5:     8894 d9ef082569bb88a7cc72d9ef27319866
    
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio-module-x11_0.9.5-5ubuntu4.1_sparc.deb
      Size/MD5:    14676 72285253f6e33230665697271edf2a77
    
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio-module-zeroconf_0.9.5-5ubuntu4.1_sparc.deb
      Size/MD5:    13264 5eeefb9453c7f4116d94d0697077f46c
    
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio-utils_0.9.5-5ubuntu4.1_sparc.deb
      Size/MD5:    49998 bbd6434382d0e37c185bf8efe59fb74d
    
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/pulseaudio_0.9.5-5ubuntu4.1_sparc.deb
      Size/MD5:   301950 903558c0624a58899b08eca9fcd2f07c

Attachment: signature.asc
Description: Digital signature

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [Full-disclosure] [USN-465-1] PulseAudio vulnerability, Kees Cook <=
Previous by Date:  Re: Retrieving "deleted" sms/mms from Nokia phone (Symbian S60), diabol the japanophile
Next by Date:  Zindizayn Okul Web Sistemi v1.0 Sql VulnZ., g0rk3m-31
Previous by Thread:  webCMS_1.00 Database Disclosure Vulnerabilitiy, the_3dit0r
Next by Thread:  Zindizayn Okul Web Sistemi v1.0 Sql VulnZ., g0rk3m-31
Indexes:  [Date] [Thread] [Top] [All Lists]