Login
Newsletter
Werbung

Sicherheit: Pufferüberlauf in nfs-utils
Aktuelle Meldungen Distributionen
Name: Pufferüberlauf in nfs-utils
ID: 200307-07
Distribution: Gentoo
Plattformen: Keine Angabe
Datum: Mo, 21. Juli 2003, 13:00
Referenzen: Keine Angabe
Applikationen: Linux NFS Utilities

Originalnachricht

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

--------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200307-07
--------------------------------------------------------------------

          PACKAGE : nfs-utils
          SUMMARY : off by one bug
             DATE : 2003-07-19 15:13 UTC
          EXPLOIT : remote
VERSIONS AFFECTED : <nfs-utils-1.0.4
    FIXED VERSION : >=nfs-utils-1.0.4
              CVE : CAN-2003-0252

--------------------------------------------------------------------

quote from advisory:

"Local or remote attacker which is capable to send RPC request to
vulnerable mountd daemon could execute artitrary code or cause
denial of service."

read the full advisory at:
http://marc.theaimsgroup.com/?l=bugtraq&m=105820223707191&w=2

SOLUTION

It is recommended that all Gentoo Linux users who are running
net-fs/nfs-utils upgrade to nfs-utils-1.0.5 as follows

emerge sync
emerge nfs-utils
emerge clean

--------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at http://dev.gentoo.org/~aliz
--------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/GWAqfT7nyhUpoZMRAnjDAKCCDYQRPaOlWu9x20mqyzCAqlEIMQCfcIOZ
KpTLSUKZcBJxYS+UyBVjOhU=
=ljzz
-----END PGP SIGNATURE-----
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung