Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-919-1: Emacs vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-919-1: Emacs vulnerability
# 1  
Old 03-29-2010
USN-919-1: Emacs vulnerability
Referenced CVEs:
CVE-2010-0825


Description:
=========================================================== Ubuntu Security Notice USN-919-1 March 29, 2010 emacs22, emacs23 vulnerability CVE-2010-0825 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 Ubuntu 9.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: emacs22-bin-common 22.1-0ubuntu10.2 Ubuntu 8.10: emacs22-bin-common 22.2-0ubuntu2.8.10.1 Ubuntu 9.04: emacs22-bin-common 22.2-0ubuntu2.9.04.1 Ubuntu 9.10: emacs22-bin-common 22.2-0ubuntu6.2 emacs23-bin-common 23.1+1-4ubuntu3.2 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Dan Rosenberg discovered that the email helper in Emacs did not correctly check file permissions. A local attacker could perform a symlink race to read or append to another user's mailbox if it was stored under a group-writable group-"mail" directory.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

rdisc6

RDISC6(8)						      System Manager's Manual							 RDISC6(8)

NAME

       rdisc - ICMPv6 Router Discovery tool

SYNOPSIS

       rdisc6 [-qv] [-r attempts] [-w wait_ms] [ IPv6 address] <iface>

DESCRIPTON

       RDisc6  is  an  Unix  program  which  implements the ICMPv6 Router Discovery in userland (it is normally done by the kernel). It is used to
       lookup the list of on-link routers and IPv6 prefixes.

       It can also be used to force the kernel to update the state of a given IPv6-autoconfigured network interface.

       The name of the network interface to probe routers for must be specified.

OPTIONS

       -1 or --single
	      Exit as soon as the first advertisement is received.

       -h or --help
	      Display some help and exit.

       -m or --multiple
	      Wait for possible multiple advertisements and print all of them (default).

       -n or --numeric
	      If the optional parameter is not a valid IPv6 address, do not try to resolve it as a DNS hostname.

       -q or --quiet
	      Only display advertised IPv6 prefixes. Display nothing in case of failure.  That is mostly useful when calling the  program  from  a
	      shell script.

       -r attempts or --retry attempts
	      Send  ICMPv6 Router Discovery that many times until a reply is received, or abort. By default, rdisc6 will try 3 times before abort-
	      ing (MAX_RTR_SOLICITATIONS from RFC2461).

       -V or --version
	      Display program version and license and exit.

       -v or --verbose
	      Display verbose information. That is the default.

       -w wait_ms or --wait wait_ms
	      Wait wait_ms milliseconds for a response before retrying.  By default, rdisc6 waits 4 second between  each  attempts  (RTR_SOLICITA-
	      TION_INTERVAL from RFC2461).

SECURITY

       rdisc6  must  be  setuid  root to allow use by non privileged users. It will drop its root privileges before any attempt is made to send or
       receive data from the network to reduce the possible impact of a security vulnerability.

SEE ALSO

       ndisc6(8), ipv6(7)

AUTHOR

       Remi Denis-Courmont <remi at remlab dot net>

       $Id: rdisc6.8 658 2010-10-31 20:56:30Z remi $

       http://www.remlab.net/ndisc6/

rdisc6					      $Date: 2010-10-31 22:56:30 +0200 (dim. 31 oct. 2010) $					 RDISC6(8)