DOCUMENTATION

Views

Search

Toolbox

Advisories:rPSA-2008-0175

From rPath Wiki

Jump to: navigation, search

rPath Security Advisory 2008-0175-1

Published: 2008-05-22

Products

rPath Linux 1
rPath Linux 2

Rating

Minor

Exposure Level Classification

Indirect User Deterministic Unauthorized Access

Updated Versions

mtr=conary.rpath.com@rpl:1/0.73-0.1-1
mtr=conary.rpath.com@rpl:2/0.73-1-0.1
mtr-gtk=conary.rpath.com@rpl:1/0.73-0.1-1
mtr-gtk=conary.rpath.com@rpl:2/0.73-1-0.1

rPath Issue Tracking System

RPL-2558

References

CVE-2008-2357

Description

Previous versions of the mtr package are vulnerable to an Arbitrary Code

Execution attack in which a user-assisted attacker in control of a

remote DNS server can cause a stack-based buffer overflow by sending

maliciously crafted replies to locally generated DNS queries.

Copyright 2008 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html

Retrieved from "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0175"

Categories: Support Issue | Advisories