SmoothWall Project Security Advisory SWP-2004:004

» About the GPL Project » User Quotes » FAQs » History » Team » Commercial » Screenshots » Legal » Feedback

» Web Forums » IRC

» my.SmoothWall » Downloads » VMWare™ Images » Releases » Build Notes » Updates » Developers » Sources

home > get > security >

-------------------------------------------------------------
SmoothWall Project Security Advisory SWP-2004:004
-------------------------------------------------------------

    Summary: Updates for SmoothWall Express to correct
             local vulnerabilities in Linux kernel.
 Importance: Intermediate
      Issue: Possible local vulnerabilities
  CVE Names: CAN-2004-0700, CAN-2004-0495, CAN-2004-0497, 
             CAN-2004-0535, CAN-2004-0685, CAN-2004-0415
   Released: 2004-08-13
SW-specific: no

Affected Products:

  SmoothWall Express 2.0 (fixes3)

The products shown must be updated to the fix level as 
shown above before applying any updates mentioned in this
advisory.

-------------------------------------------------------------
Description
-------------------------------------------------------------

Security vulnerabilities have been found in the Linux kernel,
and mod_ssl packages.

These vulnerabilities can result in privilege escalation or
unwanted availability of sensitive information if exploited
locally.

-------------------------------------------------------------
Corrective Actions
-------------------------------------------------------------

You should download and install the required update for
your product(s).  The updates can be downloaded from the
web links below, along with installation instructions and
any further caveats or updates.

SmoothWall Express 2.0 fixes 4
- http://updates.smoothwall.org/p/x/2.0/fixes4.html

-------------------------------------------------------------
Further Information
-------------------------------------------------------------

CVE Candidate CAN-2004-0495
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0495
CVE Candidate CAN-2004-0497
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0497
CVE Candidate CAN-2004-0535
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0535
CVE Candidate CAN-2004-0685
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0685
CVE Candidate CAN-2004-0415
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0415
CVE Candidate CAN-2004-0700
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0700
mod_ssl Advisory
- http://www.kb.cert.org/vuls/id/303448
Linux Kernel 2.4.27 Changelog
- http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.27

____ smoothwall - delivering versatile, affordable security _