aru Posted March 7, 2003 Report Share Posted March 7, 2003 MandrakeSoft Security Advisory MDKSA-2003:030 : file March 6th, 2003 Updated file packages fix stack overflow vulnerability A memory allocation problem in file was found by Jeff Johnson, and a stack overflow corruption problem was found by David Endler. These problems have been corrected in file version 3.41 and likely affect all previous version. These problems pose a security threat as they can be used to execute arbitrary code by an attacker under the privileges of another user. Note that the attacker must first somehow convince the target user to execute file against a specially crafted file that triggers the buffer overflow in file. The released versions of Mandrake GNU/Linux affected are: 7.2 [*] 8.0 [*] 8.0/PPC [*] 8.1 [*] 8.1/IA64 [*] 8.2 [*] 8.2/PPC [*] 9.0 [*] Single Network Firewall 7.2 [*] Corporate Server 2.1 All the information about this advisory is available at: www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:030 This stuff was posted automatically by aru Quote Link to comment Share on other sites More sharing options...
Counterspy Posted March 7, 2003 Report Share Posted March 7, 2003 My compliments to you for taking the time to post these here where they are far likely to be seen. Counterspy Quote Link to comment Share on other sites More sharing options...
aru Posted March 7, 2003 Author Report Share Posted March 7, 2003 Thanks Counterspy, but as all the process is automatic, there is no effort from my part at all :D Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.