Adsons

    SciLinux: Low: cpio security and bug fix update

    Date09 May 2007
    56
    Posted ByLinuxSecurity Advisories
    A buffer overflow was found in cpio on 64-bit platforms. By tricking a user into adding a specially crafted large file to a cpio archive, a local attacker may be able to exploit this flaw to execute arbitrary code with [More...]
    Date:         Wed, 9 May 2007 15:10:27 -0500
    Reply-To:     Connie Sieh 
    Sender:       Security Errata for Scientific Linux
                  
    From:         Connie Sieh 
    Subject:      Security ERRATA for SL4 cpio on i386/x86_64
    Comments: To: scientific 
    MIME-version: 1.0
    Content-type: TEXT/PLAIN; format=flowed; charset=US-ASCII
    
    Synopsis:          Low: cpio security and bug fix update
    Issue date:        2007-05-01
    CVE Names:         CVE-2005-4268
    
    
    A buffer overflow was found in cpio on 64-bit platforms. By tricking a
    user into adding a specially crafted large file to a cpio archive, a local
    attacker may be able to exploit this flaw to execute arbitrary code with
    the target user's privileges. (CVE-2005-4268)
    
    
    SRPMS:
     	cpio-2.5-13.RHEL4.src.rpm
    
    i386:
     	cpio-2.5-13.RHEL4.i386.rpm
    
    x86_64:
     	cpio-2.5-13.RHEL4.x86_64.rpm
    
    -Connie Sieh
    -Troy Dawson
    

    Comments powered by CComment

    Sidebar Ad

    LinuxSecurity Poll

    Does your company/organization utilize open-source software?

    Message!

    Poll results are hidden from public viewing.

    You are not authorized to vote on this poll.

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /component/communitypolls/?task=poll.vote
    5
    radio
    bottom200

    Advisories