drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ungeprüfte Verwendung von Argumenten in kopete
| Name: |
Ungeprüfte Verwendung von Argumenten in kopete
|
|
| ID: |
200305-03 |
|
| Distribution: |
Gentoo |
|
| Plattformen: |
Keine Angabe |
|
| Datum: |
Do, 15. Mai 2003, 13:00 |
|
| Referenzen: |
Keine Angabe |
|
| Applikationen: |
Kopete |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
--------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200305-03
--------------------------------------------------------------------
PACKAGE : kopete
SUMMARY : Unsafe command line cleansing
DATE : 2003-05-14 07:39 UTC
EXPLOIT : remote
VERSIONS AFFECTED : <kopete-0.6.2
FIXED VERSION : >=kopete-0.6.2
CVE : CAN-2003-0256
--------------------------------------------------------------------
The GnuPG plugin in kopete before 0.6.2 does not properly cleanse the
command line when executing gpg, which allows remote attackers to
execute arbitrary commands.
SOLUTION
It is recommended that all Gentoo Linux users who are running
net-im/kopete upgrade to kopete-0.6.2 as follows:
emerge sync
emerge kopete
emerge clean
--------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at http://cvs.gentoo.org/~aliz
--------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQE+wfLGfT7nyhUpoZMRAoKwAJ99Gdwhcy436LanEEvAmWh/lgdvaQCgv8yw
uo9SkNlFO2fkO41LozwZTPs=
=r/Ih
-----END PGP SIGNATURE-----
|
|
|
|
