drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ungeprüfte Verwendung von Argumenten in kopete
Name: |
Ungeprüfte Verwendung von Argumenten in kopete
|
|
ID: |
200305-03 |
|
Distribution: |
Gentoo |
|
Plattformen: |
Keine Angabe |
|
Datum: |
Do, 15. Mai 2003, 13:00 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
Kopete |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
-------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT 200305-03 --------------------------------------------------------------------
PACKAGE : kopete SUMMARY : Unsafe command line cleansing DATE : 2003-05-14 07:39 UTC EXPLOIT : remote VERSIONS AFFECTED : <kopete-0.6.2 FIXED VERSION : >=kopete-0.6.2 CVE : CAN-2003-0256
--------------------------------------------------------------------
The GnuPG plugin in kopete before 0.6.2 does not properly cleanse the command line when executing gpg, which allows remote attackers to execute arbitrary commands.
SOLUTION
It is recommended that all Gentoo Linux users who are running net-im/kopete upgrade to kopete-0.6.2 as follows:
emerge sync emerge kopete emerge clean
-------------------------------------------------------------------- aliz@gentoo.org - GnuPG key is available at http://cvs.gentoo.org/~aliz -------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQE+wfLGfT7nyhUpoZMRAoKwAJ99Gdwhcy436LanEEvAmWh/lgdvaQCgv8yw uo9SkNlFO2fkO41LozwZTPs= =r/Ih -----END PGP SIGNATURE-----
|
|
|
|