Stay Secure with the Latest Linux Advisories

security advisorycriticalremote access

Ubuntu 7.04 USN-507-1 Critical: Tcp Wrap Remote Access Flaw

It was discovered that the TCP wrapper library was incorrectly allowing connections to services that did not specify server-side connection details. Remote attackers could connect to services that had been configured to block such connections. This only affected Ubuntu Feisty. . =========================================================== Ubuntu Security Notice USN-507-1 August 30, 2007 tcp-wrappers vulnerability https://bugs.launchpad.net/ubuntu/+source/tcp-wrappers/+bug/135332 ========================================================== A security issue affects the following Ubuntu releases: Ubuntu 7.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 7.04: libwrap0 7.6.dbs-11ubuntu0.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: It was discovered that the TCP wrapper library was incorrectly allowing connections to services that did not specify server-side connection details. Remote attackers could connect to services that had been configured to block such connections. This only affected Ubuntu Feisty. Updated packages for Ubuntu 7.04: Source archives: Size/MD5: 51563 a66ffe0947add0d626dc9d813298c931 Size/MD5: 784 4430f26d95e93408a174206b2da912d2 Size/MD5: 99548 3a8f32fa7a030d84c7260578ffb46c29 amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 37234 297a97e32256bfd222a08b7a249fca50 Size/MD5: 30876 81ab1ff3bc887cba421857b92599f064 Size/MD5: 80144 c502d7ca97203abef9d8468ae14a2751 i386 architecture (x86 compatible Intel/AMD): Size/MD5: 34432 64f1a0e9d0dc0dd2eae5af32d35e8a2b Size/MD5: 29374 31f7af2847ae763f268c0f3a4c683335 Size/MD5: 78086 8ee708787754927c56bed98631cc739c powerpcarchitecture (Apple Macintosh G3/G4/G5): Size/MD5: 37028 62d8517de1af829ebd5baf0cc39d2cbb Size/MD5: 32804 0cc1db9a4c4f5577a99e887d8094c86a Size/MD5: 87362 54d419fa50c66cad5c04ad2ca3ed4163 sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 35094 e400ccb9a4c8f78c1e451d5a3602958f Size/MD5: 28856 abe647adb76cba044f17786e028da758 Size/MD5: 79062 e6e97f4e4e585dfaef10f08a1608952b --r5lq+205vWdkqwtk Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE-----Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFG1gmyH/9LqRcGPm0RAmoSAKCLE8+tlh75Kdc+pTsfdtN/7tiZMACeNZOi 6kLjlajPULvH6ymFRm846g4=RZvk -----END PGP SIGNATURE-------r5lq+205vWdkqwtk-- --==============$93301513909770005=Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline --ubuntu-security-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce --==============$93301513909770005==-- . Debian 8.0 encountered a critical OpenSSL vulnerability enabling remote exploit. Immediate update advised.. tcp wrappers, Ubuntu security, remote access exploit, network service risk. . Severity: Critical. LinuxSecurity.com Team

Aug 29, 2007 •Critical Ubuntu