|
|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200501-10] Vilistextum: Buffer overflow vulnerability Vulnerability Scan
Vulnerability Scan Summary
Vilistextum: Buffer overflow vulnerability
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200501-10
(Vilistextum: Buffer overflow vulnerability)
Ariel Berkman discovered that Vilistextum unsafely reads data into
an array without checking the length. This code vulnerability may lead
to a buffer overflow.
Impact
A remote attacker could craft a malicious webpage which, when
converted, would result in the execution of arbitrary code with the
rights of the user running Vilistextum.
Workaround
There is no known workaround at this time.
References:
http://tigger.uic.edu/~jlongs2/holes/vilistextum.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1299
Solution:
All Vilistextum users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/vilistextum-2.6.7"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|
