aru Posted June 8, 2004 Report Share Posted June 8, 2004 Mandrakesoft Security Advisories MDKSA-2004:057 : tripwire Updated tripwire packages fix format string vulnerability June 7th, 2004 Paul Herman discovered a format string vulnerability in tripwire that could allow a local user to execute arbitrary code with the rights of the user running tripwire (typically root).This vulnerability only exists when tripwire is generating an email report. The released versions of Mandrake GNU/Linux affected are: 9.2 10.0 CS2.1 Full information about this advisory, including the updated packages, is available at: www.mandrakesoft.com/security/advisories?name=MDKSA-2004:057 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?n...e=CAN-2004-0536 http://www.securityfocus.com/archive/1/365036 Posted automatically by aru (mdksec2mub v0.0.9) Link to comment Share on other sites More sharing options...
Recommended Posts