Gentoo: GLSA-202310-02 Critical: Remote Code Execution in librpcsecgss
gentoo
October 4, 2007
A buffer overflow vulnerability has been discovered in librpcsecgss.
Summary
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gentoo Linux Security Advisory GLSA 200710-01
https://security.gentoo.org/
Severity: High
Title: RPCSEC_GSS library: Buffer overflow
Date: October 04, 2007
Bugs: #191479
ID: 200710-01
Synopsis
=======
A buffer overflow vulnerability has been discovered in librpcsecgss.
Background
=========
librpcsecgss is an implementation of RPCSEC_GSS for secure RPC
communications.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/librpcsecgss < 0.16 >= 0.16
==========
A stack based buffer overflow has been discovered in the
svcauth_gss_validate() function in file lib/rpc/svc_auth_gss.c when
processing an overly long s...Read the Full Advisory
Resolution
References
Availability
style>.gentoo_availability{display:block;}
Concerns
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Background
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Affected Packages
Impact
Workaround
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!