Welcome to our website
To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.
USN-413-1: BlueZ vulnerability
Posted by Bob on: 01/24/2007 03:35 AM [ Print | 0 comment(s) ]
A new BlueZ vulnerability update is available for Ubuntu Linux. Here the announcement:
Ubuntu Security Notice USN-413-1 January 24, 2007
bluez-utils vulnerability
CVE-2006-6899
==========================
==========================
=========
A security issue affects the following Ubuntu releases:
Ubuntu 5.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 5.10:
bluez-utils 2.20-0ubuntu3.1
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
A flaw was discovered in the HID daemon of bluez-utils. A remote
attacker could gain control of the mouse and keyboard if hidd was
enabled. This does not affect a default Ubuntu installation, since hidd
is normally disabled.
Updated packages for Ubuntu 5.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-utils_2=
.20-0ubuntu3.1.dsc
Size/MD5: 650 7bb5c0c29740dfae995a55ba26d07a57
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-utils_2=
.20-0ubuntu3.1.tar.gz
Size/MD5: 526189 b2444d694c7511e6653a3a9cead00889
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-cups_2.=
20-0ubuntu3.1_amd64.deb
Size/MD5: 20086 3b4ed9604f7ba74d1e287614afa18cf4
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-utils_2=
.20-0ubuntu3.1_amd64.deb
Size/MD5: 187672 7aad0bfd925ef78d37cbeef826249c78
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-cups_2.=
20-0ubuntu3.1_i386.deb
Size/MD5: 19518 4cce6a8b87feec8426d3b2e63945c434
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-pcmcia-=
support_2.20-0ubuntu3.1_i386.deb
Size/MD5: 15604 cb8dd267df57bcb30ec3c73e180e994e
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-utils_2=
.20-0ubuntu3.1_i386.deb
Size/MD5: 164384 431ed3045356754cbdbb96a24a7ec0dd
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-cups_2.=
20-0ubuntu3.1_powerpc.deb
Size/MD5: 21414 72d08ff3dd99ffd8674d88fcb56bf69b
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-pcmcia-=
support_2.20-0ubuntu3.1_powerpc.deb
Size/MD5: 15610 c33bd675a14e05622c66fbb590a14442
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-utils_2=
.20-0ubuntu3.1_powerpc.deb
Size/MD5: 194032 3a7fbfb965ca835996aee0693307de71
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-cups_2.=
20-0ubuntu3.1_sparc.deb
Size/MD5: 19748 39ec9668ce2e9f71c22435585086d01f
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-pcmcia-=
support_2.20-0ubuntu3.1_sparc.deb
Size/MD5: 15610 7b24e1d49ba44ad98faa243a3ea3a405
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-utils_2=
.20-0ubuntu3.1_sparc.deb
Size/MD5: 169410 93215bf674614af19c8709ded03a8420
--w/VI3ydZO+RcZ3Ux
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFtsRhH/9LqRcGPm0RApa5AJ4lyOEI+av5n53+dDgOrzHYHyTdiQCfZ1WL
Wqz7gb8No7KGzhTxZAOFJqs=
=jadj
-----END PGP SIGNATURE-----
bluez-utils vulnerability
CVE-2006-6899
==========================
==========================
=========
A security issue affects the following Ubuntu releases:
Ubuntu 5.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 5.10:
bluez-utils 2.20-0ubuntu3.1
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
A flaw was discovered in the HID daemon of bluez-utils. A remote
attacker could gain control of the mouse and keyboard if hidd was
enabled. This does not affect a default Ubuntu installation, since hidd
is normally disabled.
Updated packages for Ubuntu 5.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-utils_2=
.20-0ubuntu3.1.dsc
Size/MD5: 650 7bb5c0c29740dfae995a55ba26d07a57
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-utils_2=
.20-0ubuntu3.1.tar.gz
Size/MD5: 526189 b2444d694c7511e6653a3a9cead00889
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-cups_2.=
20-0ubuntu3.1_amd64.deb
Size/MD5: 20086 3b4ed9604f7ba74d1e287614afa18cf4
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-utils_2=
.20-0ubuntu3.1_amd64.deb
Size/MD5: 187672 7aad0bfd925ef78d37cbeef826249c78
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-cups_2.=
20-0ubuntu3.1_i386.deb
Size/MD5: 19518 4cce6a8b87feec8426d3b2e63945c434
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-pcmcia-=
support_2.20-0ubuntu3.1_i386.deb
Size/MD5: 15604 cb8dd267df57bcb30ec3c73e180e994e
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-utils_2=
.20-0ubuntu3.1_i386.deb
Size/MD5: 164384 431ed3045356754cbdbb96a24a7ec0dd
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-cups_2.=
20-0ubuntu3.1_powerpc.deb
Size/MD5: 21414 72d08ff3dd99ffd8674d88fcb56bf69b
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-pcmcia-=
support_2.20-0ubuntu3.1_powerpc.deb
Size/MD5: 15610 c33bd675a14e05622c66fbb590a14442
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-utils_2=
.20-0ubuntu3.1_powerpc.deb
Size/MD5: 194032 3a7fbfb965ca835996aee0693307de71
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-cups_2.=
20-0ubuntu3.1_sparc.deb
Size/MD5: 19748 39ec9668ce2e9f71c22435585086d01f
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-pcmcia-=
support_2.20-0ubuntu3.1_sparc.deb
Size/MD5: 15610 7b24e1d49ba44ad98faa243a3ea3a405
http://security.ubuntu.com/ubuntu/pool/main/b/bluez-utils/bluez-utils_2=
.20-0ubuntu3.1_sparc.deb
Size/MD5: 169410 93215bf674614af19c8709ded03a8420
--w/VI3ydZO+RcZ3Ux
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFtsRhH/9LqRcGPm0RApa5AJ4lyOEI+av5n53+dDgOrzHYHyTdiQCfZ1WL
Wqz7gb8No7KGzhTxZAOFJqs=
=jadj
-----END PGP SIGNATURE-----
