Advisories:rPSA-2008-0086
From rPath Wiki
rPath Security Advisory 2008-0086-1
Published: 2008-02-28
Products
- rPath Linux 1
- rPath Appliance Platform Linux Service 1
Rating
- Major
Exposure Level Classification
- Remote Unauthorized Access
Updated Versions
- pcre=conary.rpath.com@rpl:1/7.6-0.1-1
rPath Issue Tracking System
References
Description
- Previous versions of the pcre package are vulnerable to a possible
- Arbitrary Code Execution attack in which an attacker may use a
- maliciously crafted regular expression to trigger a buffer overflow.
- The pcre library and utilities are not known to be exposed via any
- privileged or remote interfaces within rPath Linux by default, but many
- applications linked to the pcre library are routinely exposed to remote
- or untrusted data; examples include httpd, some PHP applications, and
- various KDE components.
Copyright 2008 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html