aru Posted March 25, 2003 Report Share Posted March 25, 2003 MandrakeSoft Security Advisory MDKSA-2003:036 : netpbm March 25th, 2003 Updated netpbm packages fix math overflow errors Several math overflow errors were found in NetPBM by Al Viro and Alan Cox. While these programs are not installed suid root, they are often used to prepare data for processing. These errors may permit remote attackers to cause a denial of service or execute arbitrary code in any programs or scripts that use these graphics conversion tools. The released versions of Mandrake GNU/Linux affected are: 8.2 [*] 8.2/PPC [*] 9.0 [*] 9.1 [*] 9.1/PPC [*] Multi Network Firewall 8.2 [*] Corporate Server 2.1 Full information about this advisory, including the updated packages, is available at: www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:036 Other references are: http://cve.mitre.org/cgi-bin/cvename.cgi?n...e=CAN-2003-0146 Posted automatically by aru (mdksec2mub v0.0.4) Link to comment Share on other sites More sharing options...
Recommended Posts