Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:21885
HistoryMay 26, 2009 - 12:00 a.m.

[ GLSA 200905-06 ] acpid: Denial of Service

2009-05-2600:00:00
vulners.com
8
JSON

Gentoo Linux Security Advisory GLSA 200905-06

                                        http://security.gentoo.org/

Severity: Normal
Title: acpid: Denial of Service
Date: May 24, 2009
Bugs: #268079
ID: 200905-06

Synopsis

An error in acpid might allow remote attackers to cause a Denial of
Service.

Background

acpid is a daemon for the Advanced Configuration and Power Interface
(ACPI).

Affected packages

-------------------------------------------------------------------
 Package          /  Vulnerable  /                      Unaffected
-------------------------------------------------------------------

1 sys-power/acpid < 1.0.10 >= 1.0.10

Description

The acpid daemon allows opening a large number of UNIX sockets without
closing them, triggering an infinite loop.

Impact

Remote attackers can cause a Denial of Service (CPU consumption and
connectivity loss).

Workaround

There is no known workaround at this time.

Resolution

All acpid users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=sys-power/acpid-1.0.10&quot;

References

[ 1 ] CVE-2009-0798
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0798

Availability

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200905-06.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
[email protected] or alternatively, you may file a bug at
http://bugs.gentoo.org.

License

Copyright 2009 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

Related

openvas 24
debiancve 1
nessus 14
seebug 1
prion 1
fedora 2
osv 1
debian 1
ubuntu 1
redhat 1
cve 1
gentoo 1
ubuntucve 1
oraclelinux 1
securityvulns 1
vmware 2
openvas
openvas
Mandrake Security Advisory MDVSA-2009:107 (acpid)
2009-06-05 00:00:00
Mandriva Security Advisory MDVSA-2009:107-1 (acpid)
2009-12-10 00:00:00
CentOS Update for acpid CESA-2009:0474 centos4 i386
2011-08-09 00:00:00
debiancve
debiancve
CVE-2009-0798
2009-04-24 15:30:00
nessus
nessus
CentOS 3 / 4 / 5 : acpid (CESA-2009:0474)
2009-05-26 00:00:00
RHEL 3 / 4 / 5 : acpid (RHSA-2009:0474)
2009-05-08 00:00:00
Mandriva Linux Security Advisory : acpid (MDVSA-2009:107-1)
2009-05-08 00:00:00
seebug
seebug
acpid套接字耗尽本地拒绝服务漏洞
2009-04-28 00:00:00
prion
prion
Code injection
2009-04-24 15:30:00
fedora
fedora
[SECURITY] Fedora 9 Update: acpid-1.0.6-8.fc9
2009-05-28 08:08:29
[SECURITY] Fedora 10 Update: acpid-1.0.6-11.fc10
2009-05-28 08:04:30
osv
osv
acpid - denial of service
2009-05-02 00:00:00
debian
debian
[SECURITY] [DSA 1786-1] New acpid packages fix denial of service
2009-05-02 01:52:49
ubuntu
ubuntu
acpid vulnerability
2009-04-27 00:00:00
redhat
redhat
(RHSA-2009:0474) Moderate: acpid security update
2009-05-07 00:00:00
cve
cve
CVE-2009-0798
2009-04-24 15:30:00
gentoo
gentoo
acpid: Denial of service
2009-05-24 00:00:00
ubuntucve
ubuntucve
CVE-2009-0798
2009-04-24 00:00:00
oraclelinux
oraclelinux
acpid security update
2009-05-07 00:00:00
securityvulns
securityvulns
acpid DoS
2011-10-23 00:00:00
vmware
vmware
ESX Service Console updates for samba and acpid
2010-04-01 00:00:00
ESX Service Console updates for samba and acpid
2010-04-01 00:00:00
JSON
Related for SECURITYVULNS:DOC:21885
openvas24debiancve1nessus14seebug1prion1fedora2osv1debian1ubuntu1redhat1cve1gentoo1ubuntucve1oraclelinux1securityvulns1vmware2