Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2009.0450 -- [UNIX/Linux] zsh: Denial of Service 8 May 2009 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: zsh Publisher: Mandriva Operating System: Mandriva UNIX variants (UNIX, Linux, OSX) Impact: Denial of Service Access: Existing Account CVE Names: CVE-2009-1215 CVE-2009-1214 Original Bulletin: http://www.mandriva.com/en/security/advisories?name=MDVSA-2009:108 Comment: This advisory references vulnerabilities in products which run on platforms other than Mandriva. It is recommended that administrators running zsh check for an updated version of the software for their operating system. - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2009:108 http://www.mandriva.com/security/ _______________________________________________________________________ Package : zsh Date : May 7, 2009 Affected: 2008.1, 2009.0, Corporate 3.0, Corporate 4.0 _______________________________________________________________________ Problem Description: A stack-based buffer overflow was found in the zsh command interpreter. An attacker could use this flaw to cause a denial of service (zsh crash), when providing a specially-crafted string as input to the zsh shell (CVE-2009-1214, CVE-2009-1215). The updated packages have been patched to prevent this. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1214 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1215 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.1: 3ffec5554436380b52d982e966f24f46 2008.1/i586/zsh-4.3.5-1.1mdv2008.1.i586.rpm 7db4a561d849d9f2b12bfde039e47f0d 2008.1/i586/zsh-doc-4.3.5-1.1mdv2008.1.i586.rpm 7117bc0be4fef486045125ec5d3ae8b6 2008.1/SRPMS/zsh-4.3.5-1.1mdv2008.1.src.rpm Mandriva Linux 2008.1/X86_64: 3b01f1cc3e9b7d9988cca68352affc34 2008.1/x86_64/zsh-4.3.5-1.1mdv2008.1.x86_64.rpm bb56035c5e5a69430b786254af3226a0 2008.1/x86_64/zsh-doc-4.3.5-1.1mdv2008.1.x86_64.rpm 7117bc0be4fef486045125ec5d3ae8b6 2008.1/SRPMS/zsh-4.3.5-1.1mdv2008.1.src.rpm Mandriva Linux 2009.0: 9c7b898cf0134e9f93d9dcd6d2af5dc7 2009.0/i586/zsh-4.3.6-1.1mdv2009.0.i586.rpm 4cebe4b90d9173f62e4588b165d1c11f 2009.0/i586/zsh-doc-4.3.6-1.1mdv2009.0.i586.rpm 9b0fbc6077ce65a4716312aaf48e7545 2009.0/SRPMS/zsh-4.3.6-1.1mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: ea366ec65fdf8d88e43bfe1bbb6b6878 2009.0/x86_64/zsh-4.3.6-1.1mdv2009.0.x86_64.rpm 2846d6fb8a74b6494d6926d9cb83292c 2009.0/x86_64/zsh-doc-4.3.6-1.1mdv2009.0.x86_64.rpm 9b0fbc6077ce65a4716312aaf48e7545 2009.0/SRPMS/zsh-4.3.6-1.1mdv2009.0.src.rpm Corporate 3.0: 157cfed02aabc347ce1b1843d888c466 corporate/3.0/i586/zsh-4.1.1-6.1.C30mdk.i586.rpm 77a89affd002e10de155eaf589b413d4 corporate/3.0/i586/zsh-doc-4.1.1-6.1.C30mdk.i586.rpm d1356da2d3588dc3d52c8b3e38e3ea6f corporate/3.0/SRPMS/zsh-4.1.1-6.1.C30mdk.src.rpm Corporate 3.0/X86_64: cf3f543880dfe94344ad5a7be601e580 corporate/3.0/x86_64/zsh-4.1.1-6.1.C30mdk.x86_64.rpm 6acd52702032a42c8a01a9b4306c0f63 corporate/3.0/x86_64/zsh-doc-4.1.1-6.1.C30mdk.x86_64.rpm d1356da2d3588dc3d52c8b3e38e3ea6f corporate/3.0/SRPMS/zsh-4.1.1-6.1.C30mdk.src.rpm Corporate 4.0: 95b44fb0b1105739e4f53c96b1264d06 corporate/4.0/i586/zsh-4.2.5-1.1.20060mlcs4.i586.rpm ec31b6b994107a8a9398e7da0598f0bd corporate/4.0/i586/zsh-doc-4.2.5-1.1.20060mlcs4.i586.rpm 4915615f0941e392bd198d6cf2a919a4 corporate/4.0/SRPMS/zsh-4.2.5-1.1.20060mlcs4.src.rpm Corporate 4.0/X86_64: 4e21e19471c133e88c4b9c96586ebbd8 corporate/4.0/x86_64/zsh-4.2.5-1.1.20060mlcs4.x86_64.rpm bda589a2302f93712aaa8aefae00b0e8 corporate/4.0/x86_64/zsh-doc-4.2.5-1.1.20060mlcs4.x86_64.rpm 4915615f0941e392bd198d6cf2a919a4 corporate/4.0/SRPMS/zsh-4.2.5-1.1.20060mlcs4.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFKAq99mqjQ0CJFipgRAhy0AKDnFqXme2lZB46m3Vz2fwBDkG+JbgCfQnr9 9C17HIFtx8+ljSFTJZEHEr8= =g+9l - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 If you believe that your computer system has been compromised or attacked in any way, we encourage you to let us know by completing the secure National IT Incident Reporting Form at: http://www.auscert.org.au/render.html?it=3192 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iD8DBQFKA7d7NVH5XJJInbgRAgVFAJ4l0crzeTb0QU9K4OwqDlS9E5z/nwCdGGgD XhfdUJDQ0kr8ag702jVgm5E= =ypgd -----END PGP SIGNATURE-----