radvd: security issues fixed
This update of radvd fixes the following security flaws:
- arbitrary file overwrite flaw through unsanitized
interface names (CVE-2011-3602),
- missing return value checks in privsep_init() which could
cause radvd to keep running with root privileges
(CVE-2011-3603),
- buffer overread flaws in the process_ra() function
(CVE-2011-3604),
- temporary denial of service flaw triggered with a flood
of ND_ROUTER_SOLICIT (CVE-2011-3605)
-
Submitted by
Adrian Schröter (adrianSuSE)
- Version 5316
Fixed bugs
bnc#721968
VUL-0: radvd security issues
CVE#CVE-2011-3601
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE#CVE-2011-3602
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE#CVE-2011-3603
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE#CVE-2011-3604
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE#CVE-2011-3605
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
