Login
Newsletter
Werbung

Sicherheit: Pufferüberlauf in exim
Aktuelle Meldungen Distributionen
Name: Pufferüberlauf in exim
ID: 200212-5
Distribution: Gentoo
Plattformen: Keine Angabe
Datum: Di, 17. Dezember 2002, 12:00
Referenzen: Keine Angabe
Applikationen: exim

Originalnachricht

--------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200212-5
--------------------------------------------------------------------

PACKAGE : exim
SUMMARY : local root vulnerability
DATE    : 2002-12-16 16:12 UTC
EXPLOIT : local

--------------------------------------------------------------------

From advisory:

"This is a format string bug in daemon.c, line 976:

sprintf(CS buff, CS pid_file_path, ""); /* Backward compatibility */

pid_file_path can be changed on the command line.
This line is in the function daemon_go(), which only
gets executed when the user is an exim-admin-user."

Read the full advisory at
http://marc.theaimsgroup.com/?l=bugtraq&m=103903403527788&w=2

SOLUTION

It is recommended that all Gentoo Linux users who are running
net-mail/exim-4.05 and earlier update their systems as follows:

emerge rsync
emerge exim
emerge clean

--------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at www.gentoo.org/~aliz
raker@gentoo.org
--------------------------------------------------------------------

--
gentoo-security@gentoo.org mailing list
Pro-Linux
Gewinnspiel
Neue Nachrichten
Werbung