Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2003-66
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date : 06 Dec 2003
 Last revised           : 06 Dec 2003

 Package : glibc

 Summary : Multiple vulnerabilities in glibc

 More information :
    The glibc package contains the standard C libraries used by applications.

    When a user is a member of a large number of groups,the getgrouplist function in
    glibc allows attackers to cause a denial of service (segmentation fault)
    and execute arbitrary code.

 Impact :
    This may allow attackers to cause a denial of service or execute arbitrary code.

 Affected Products :
    - Turbolinux 8 Server
    - Turbolinux 8 Workstation
    - Turbolinux 7 Server
    - Turbolinux 7 Workstation

 Solution :
    Please use turbopkg(zabom) tool to apply the update.
 ---------------------------------------------
 # turbopkg
 or
 # zabom update glibc glibc-devel glibc-profile mtrace nscd
 ---------------------------------------------


 <Turbolinux 8 Server>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/glibc-2.2.5-17.src.rpm
     15681872 c5f6718068cad57d328e9cbb99cfc5c2

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/glibc-2.2.5-17.i586.rpm
     10948308 e978c66d70ed23c1d37f3cf58fa1d7dd
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/glibc-devel-2.2.5-17.i586.rpm
      3087284 027379201c146b8652691fa5fb407fb8
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/glibc-profile-2.2.5-17.i586.rpm
       793319 2b825226d3e4628c4fc5a13d028dc42f
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/mtrace-2.2.5-17.i586.rpm
        26289 3b7e3b3ee9fdad443214abc22ff011a3
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/nscd-2.2.5-17.i586.rpm
        33180 2811c092ec2fed1a278f29d6f5393122

 <Turbolinux 8 Workstation>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/SRPMS/glibc-2.2.5-17.src.rpm
     15681872 0ae07774f7aed8ddceda091ad1aa59eb

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/glibc-2.2.5-17.i586.rpm
     10943475 e3ae6e493dae31c06d04de1e5ef24a5b
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/glibc-devel-2.2.5-17.i586.rpm
      3088889 7bdde2a4805a408ec20b5b6c983c20b7
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/glibc-profile-2.2.5-17.i586.rpm
       793449 8eb226d87491ab3d2b22e50a978900be
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/mtrace-2.2.5-17.i586.rpm
        26291 d9d5ee64fff9b612203b7b6629d95022
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/nscd-2.2.5-17.i586.rpm
        33125 5f91d450345639e2f4629005305d401d

 <Turbolinux 7 Server>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/SRPMS/glibc-2.2.4-13.src.rpm
     13582169 668c9eb6ddb16b219cbe155edf9a6ca1

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/glibc-2.2.4-13.i586.rpm
     11310068 ebd5c4c08b7e50bafbd79b57801cccdd
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/glibc-devel-2.2.4-13.i586.rpm
      6293426 b0b9308e04c0314f4130617e89f60017
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/glibc-profile-2.2.4-13.i586.rpm
      4125526 818098cc38a84b39204504e36bc79761
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/mtrace-2.2.4-13.i586.rpm
        15377 4de531b6fda1b23c28d91477eb8f4124
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/nscd-2.2.4-13.i586.rpm
        31236 d5fbda6a59e9fc074a3df3ac378907b2

 <Turbolinux 7 Workstation>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/SRPMS/glibc-2.2.4-13.src.rpm
     13582169 b0e8e76f424bd3bd2cd2a94dd37d0dcd

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/glibc-2.2.4-13.i586.rpm
     11308991 b5f5f6887dc9a8aaa4e118c6c8ff22e6
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/glibc-devel-2.2.4-13.i586.rpm
      6292725 b4e5f9a07c55ff55845a2aa4dbfd5a7f
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/glibc-profile-2.2.4-13.i586.rpm
      4125536 32c7053ca33d15f10c655b3e1262a769
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/mtrace-2.2.4-13.i586.rpm
        15385 5d042786c08b9336fe73fe4c7c69367b
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/nscd-2.2.4-13.i586.rpm
        31243 fae888249da3141a18336aa8a5f6da60


 References :

 CVE
   [CAN-2003-0689]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0689
   [CAN-2003-0859]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0859


 --------------------------------------------------------------------------
 Revision History
    06 Dec 2003 Initial release
 --------------------------------------------------------------------------

 Copyright(C) 2003 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQE/0KKNK0LzjOqIJMwRAkutAJ9LXSkcxRN+PebZ9+i3XxvKoXpn9ACgjL2b
sjeUazy/2GdmOW1usfPLKvw=
=n5NN
-----END PGP SIGNATURE-----




© 1998-2024 E-Soft Inc. All rights reserved.