- - - ---------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200306-17
- - - ---------------------------------------------------------------------
PACKAGE : gnocatan
SUMMARY : multiple buffer overflows and denial of service
DATE : 2003-06-28 20:50 UTC
EXPLOIT : remote
VERSIONS AFFECTED : =gnocatan-0.7.1-r3
CVE : CAN-2003-0433
- - - ---------------------------------------------------------------------
quote from Debian DSA 315-1:
"Bas Wijnen discovered that the gnocatan server is vulnerable to
several buffer overflows which could be exploited to execute arbitrary
code on the server system."
SOLUTION
It is recommended that all Gentoo Linux users who are running
app-games/gnocatan upgrade to gnocatan-0.7.1-r3 as follows
emerge sync
emerge gnocatan
emerge clean
- - - ---------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at
- - - ---------------------------------------------------------------------