Joined: 12 May 2004
|Posted: Sun Nov 20, 2011 8:26 pm Post subject: [ GLSA 201111-08 ] radvd: Multiple vulnerabilities
|Gentoo Linux Security Advisory
Title: radvd: Multiple vulnerabilities (GLSA 201111-08)
Exploitable: local, remote
Date: November 20, 2011
Multiple vulnerabilities have been found in radvd which could
potentially lead to privilege escalation, data loss, or a Denial of
radvd is an IPv6 router advertisement daemon for Linux and BSD.
Vulnerable: < 1.8.2
Unaffected: >= 1.8.2
Architectures: All supported architectures
Multiple vulnerabilities have been discovered in radvd. Please review
the CVE identifiers referenced below for details.
A remote unauthenticated attacker may be able to gain escalated
privileges, escalate the privileges of the radvd process, overwrite files
with specific names, or cause a Denial of Service. Local attackers may be
able to overwrite the contents of arbitrary files using symlinks.
There is no known workaround at this time.
All radvd users should upgrade to the latest stable version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/radvd-1.8.2"
Last edited by GLSA on Sun Oct 07, 2012 4:29 am; edited 2 times in total