• info
• discussion
• exploit
• solution
• references

LibRPM Query Report Arbitrary Code Execution Vulnerability

Solution:
Please see the referenced advisories for information on obtaining and applying the appropriate updates.


MandrakeSoft Corporate Server 4.0

• Mandriva libpopt0-1.10.2-4.1.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva libpopt0-devel-1.10.2-4.1.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva librpm4.4-4.4.2-4.1.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva librpm4.4-devel-4.4.2-4.1.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva popt-data-1.10.2-4.1.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva python-rpm-4.4.2-4.1.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva rpm-4.4.2-4.1.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva rpm-4.4.2-4.1.20060mlcs4.src.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva rpm-build-4.4.2-4.1.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download

Mandriva Linux Mandrake 2007.0 x86_64

• Mandriva lib64popt0-1.10.6-10.1mdv2007.0.x86_64.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva lib64popt0-devel-1.10.6-10.1mdv2007.0.x86_64.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva lib64rpm4.4-4.4.6-10.1mdv2007.0.x86_64.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva lib64rpm4.4-devel-4.4.6-10.1mdv2007.0.x86_64.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva perl-RPM-0.66-16.1mdv2007.0.x86_64.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva popt-data-1.10.6-10.1mdv2007.0.x86_64.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva python-rpm-4.4.6-10.1mdv2007.0.x86_64.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva rpm-4.4.6-10.1mdv2007.0.src.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva rpm-4.4.6-10.1mdv2007.0.x86_64.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva rpm-build-4.4.6-10.1mdv2007.0.x86_64.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download

Mandriva Linux Mandrake 2007.0

• Mandriva libpopt0-1.10.6-10.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva libpopt0-devel-1.10.6-10.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva librpm4.4-4.4.6-10.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva librpm4.4-devel-4.4.6-10.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva perl-RPM-0.66-16.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva popt-data-1.10.6-10.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva python-rpm-4.4.6-10.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva rpm-4.4.6-10.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva rpm-4.4.6-10.1mdv2007.0.src.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva rpm-build-4.4.6-10.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download

MandrakeSoft Multi Network Firewall 2.0

• Mandriva popt-1.8.2-7.1.M20mdk.i586.rpm
  Multi Network Firewall 2.0:
  http://www.mandriva.com/en/download


• Mandriva popt-devel-1.8.2-7.1.M20mdk.i586.rpm
  Multi Network Firewall 2.0:
  http://www.mandriva.com/en/download


• Mandriva rpm-4.2.2-7.1.M20mdk.i586.rpm
  Multi Network Firewall 2.0:
  http://www.mandriva.com/en/download


• Mandriva rpm-build-4.2.2-7.1.M20mdk.i586.rpm
  Multi Network Firewall 2.0:
  http://www.mandriva.com/en/download


• Mandriva rpm-devel-4.2.2-7.1.M20mdk.i586.rpm
  Multi Network Firewall 2.0:
  http://www.mandriva.com/en/download

Trustix Secure Linux 2.2

• Trustix bind-9.3.2-5tr.i586.rpm
  TSL 3.0
  ftp://ftp.trustix.org/pub/trustix/updates


• Trustix bind-devel-9.3.2-5tr.i586.rpm
  TSL 3.0
  ftp://ftp.trustix.org/pub/trustix/updates


• Trustix bind-libs-9.3.2-5tr.i586.rpm
  TSL 3.0
  ftp://ftp.trustix.org/pub/trustix/updates


• Trustix bind-light-9.3.2-5tr.i586.rpm
  TSL 3.0
  ftp://ftp.trustix.org/pub/trustix/updates


• Trustix bind-light-devel-9.3.2-5tr.i586.rpm
  TSL 3.0
  ftp://ftp.trustix.org/pub/trustix/updates


• Trustix bind-utils-9.3.2-5tr.i586.rpm
  TSL 3.0
  ftp://ftp.trustix.org/pub/trustix/updates


• Trustix openssh-4.5p1-1tr.i586.rpm
  TSL 3.0
  ftp://ftp.trustix.org/pub/trustix/updates


• Trustix openssh-clients-4.5p1-1tr.i586.rpm
  TSL 3.0
  ftp://ftp.trustix.org/pub/trustix/updates


• Trustix openssh-server-4.5p1-1tr.i586.rpm
  TSL 3.0
  ftp://ftp.trustix.org/pub/trustix/updates


• Trustix openssh-server-config-4.5p1-1tr.i586.rpm
  TSL 3.0
  ftp://ftp.trustix.org/pub/trustix/updates


• Trustix texinfo-4.8-1tr.i586.rpm
  TSL 3.0
  ftp://ftp.trustix.org/pub/trustix/updates

Mandriva Linux Mandrake 2006.0

• Mandriva lib64popt0-1.10.2-4.1.20060mdk.x86_64.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva lib64popt0-devel-1.10.2-4.1.20060mdk.x86_64.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva lib64rpm4.4-4.4.2-4.1.20060mdk.x86_64.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva lib64rpm4.4-devel-4.4.2-4.1.20060mdk.x86_64.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva libpopt0-1.10.2-4.1.20060mdk.i586.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva libpopt0-devel-1.10.2-4.1.20060mdk.i586.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva librpm4.4-4.4.2-4.1.20060mdk.i586.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva librpm4.4-devel-4.4.2-4.1.20060mdk.i586.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva popt-data-1.10.2-4.1.20060mdk.i586.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva popt-data-1.10.2-4.1.20060mdk.x86_64.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva python-rpm-4.4.2-4.1.20060mdk.i586.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva python-rpm-4.4.2-4.1.20060mdk.x86_64.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva rpm-4.4.2-4.1.20060mdk.i586.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva rpm-4.4.2-4.1.20060mdk.src.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva rpm-4.4.2-4.1.20060mdk.x86_64.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva rpm-build-4.4.2-4.1.20060mdk.i586.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva rpm-build-4.4.2-4.1.20060mdk.x86_64.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download

MandrakeSoft Corporate Server 3.0 x86_64

• Mandriva popt-1.8.2-10.1.C30mdk.x86_64.rpm
  Corporate 3.0/X86_64:
  http://www.mandriva.com/en/download


• Mandriva popt-devel-1.8.2-10.1.C30mdk.x86_64.rpm
  Corporate 3.0/X86_64:
  http://www.mandriva.com/en/download


• Mandriva rpm-4.2.2-10.1.C30mdk.src.rpm
  Corporate 3.0/X86_64:
  http://www.mandriva.com/en/download


• Mandriva rpm-4.2.2-10.1.C30mdk.x86_64.rpm
  Corporate 3.0/X86_64:
  http://www.mandriva.com/en/download


• Mandriva rpm-build-4.2.2-10.1.C30mdk.x86_64.rpm
  Corporate 3.0/X86_64:
  http://www.mandriva.com/en/download


• Mandriva rpm-devel-4.2.2-10.1.C30mdk.x86_64.rpm
  Corporate 3.0/X86_64:
  http://www.mandriva.com/en/download


• Mandriva rpm-python-4.2.2-10.1.C30mdk.x86_64.rpm
  Corporate 3.0/X86_64:
  http://www.mandriva.com/en/download

MandrakeSoft Corporate Server 3.0

• Mandriva popt-1.8.2-10.1.C30mdk.i586.rpm
  Corporate 3.0:
  http://www.mandriva.com/en/download


• Mandriva popt-devel-1.8.2-10.1.C30mdk.i586.rpm
  Corporate 3.0:
  http://www.mandriva.com/en/download


• Mandriva rpm-4.2.2-10.1.C30mdk.i586.rpm
  Corporate 3.0:
  http://www.mandriva.com/en/download


• Mandriva rpm-4.2.2-10.1.C30mdk.src.rpm
  Corporate 3.0:
  http://www.mandriva.com/en/download


• Mandriva rpm-build-4.2.2-10.1.C30mdk.i586.rpm
  Corporate 3.0:
  http://www.mandriva.com/en/download


• Mandriva rpm-devel-4.2.2-10.1.C30mdk.i586.rpm
  Corporate 3.0:
  http://www.mandriva.com/en/download


• Mandriva rpm-python-4.2.2-10.1.C30mdk.i586.rpm
  Corporate 3.0:
  http://www.mandriva.com/en/download

Trustix Secure Linux 3.0

• Trustix bind-9.3.2-5tr.i586.rpm
  TSL 3.0
  ftp://ftp.trustix.org/pub/trustix/updates


• Trustix bind-devel-9.3.2-5tr.i586.rpm
  TSL 3.0
  ftp://ftp.trustix.org/pub/trustix/updates


• Trustix bind-libs-9.3.2-5tr.i586.rpm
  TSL 3.0
  ftp://ftp.trustix.org/pub/trustix/updates


• Trustix bind-light-9.3.2-5tr.i586.rpm
  TSL 3.0
  ftp://ftp.trustix.org/pub/trustix/updates


• Trustix bind-light-devel-9.3.2-5tr.i586.rpm
  TSL 3.0
  ftp://ftp.trustix.org/pub/trustix/updates


• Trustix bind-utils-9.3.2-5tr.i586.rpm
  TSL 3.0
  ftp://ftp.trustix.org/pub/trustix/updates


• Trustix openssh-4.5p1-1tr.i586.rpm
  TSL 3.0
  ftp://ftp.trustix.org/pub/trustix/updates


• Trustix openssh-clients-4.5p1-1tr.i586.rpm
  TSL 3.0
  ftp://ftp.trustix.org/pub/trustix/updates


• Trustix openssh-server-4.5p1-1tr.i586.rpm
  TSL 3.0
  ftp://ftp.trustix.org/pub/trustix/updates


• Trustix openssh-server-config-4.5p1-1tr.i586.rpm
  TSL 3.0
  ftp://ftp.trustix.org/pub/trustix/updates


• Trustix rpm-4.3.2-17tr.i586.rpm
  TSL 3.0
  ftp://ftp.trustix.org/pub/trustix/updates


• Trustix rpm-build-4.3.2-17tr.i586.rpm
  TSL 3.0
  ftp://ftp.trustix.org/pub/trustix/updates


• Trustix rpm-devel-4.3.2-17tr.i586.rpm
  TSL 3.0
  ftp://ftp.trustix.org/pub/trustix/updates


• Trustix rpm-python-4.3.2-17tr.i586.rpm
  TSL 3.0
  ftp://ftp.trustix.org/pub/trustix/updates


• Trustix texinfo-4.8-6tr.i586.rpm
  TSL 3.0
  ftp://ftp.trustix.org/pub/trustix/updates

MandrakeSoft Corporate Server 4.0 x86_64

• Mandriva lib64popt0-1.10.2-4.1.20060mlcs4.x86_64.rpm
  Corporate 4.0/X86_64:
  http://www.mandriva.com/en/download


• Mandriva lib64popt0-devel-1.10.2-4.1.20060mlcs4.x86_64.rpm
  Corporate 4.0/X86_64:
  http://www.mandriva.com/en/download


• Mandriva lib64rpm4.4-4.4.2-4.1.20060mlcs4.x86_64.rpm
  Corporate 4.0/X86_64:
  http://www.mandriva.com/en/download


• Mandriva lib64rpm4.4-devel-4.4.2-4.1.20060mlcs4.x86_64.rpm
  Corporate 4.0/X86_64:
  http://www.mandriva.com/en/download


• Mandriva popt-data-1.10.2-4.1.20060mlcs4.x86_64.rpm
  Corporate 4.0/X86_64:
  http://www.mandriva.com/en/download


• Mandriva python-rpm-4.4.2-4.1.20060mlcs4.x86_64.rpm
  Corporate 4.0/X86_64:
  http://www.mandriva.com/en/download


• Mandriva rpm-4.4.2-4.1.20060mlcs4.src.rpm
  Corporate 4.0/X86_64:
  http://www.mandriva.com/en/download


• Mandriva rpm-4.4.2-4.1.20060mlcs4.x86_64.rpm
  Corporate 4.0/X86_64:
  http://www.mandriva.com/en/download


• Mandriva rpm-build-4.4.2-4.1.20060mlcs4.x86_64.rpm
  Corporate 4.0/X86_64:
  http://www.mandriva.com/en/download