|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200512-16] OpenMotif, AMD64 x86 emulation X libraries: Buffer overflows in libUil library Vulnerability Scan
Vulnerability Scan Summary OpenMotif, AMD64 x86 emulation X libraries: Buffer overflows in libUil library
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200512-16
(OpenMotif, AMD64 x86 emulation X libraries: Buffer overflows in libUil library)
xfocus discovered two potential buffer overflows in the libUil
library, in the diag_issue_diagnostic and open_source_file functions.
Impact
Remotely-accessible or SUID applications making use of the
affected functions might be exploited to execute arbitrary code with
the rights of the user running the application.
Workaround
There is no known workaround at this time.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3964
http://archives.neohapsis.com/archives/fulldisclosure/2005-12/0047.html
Solution:
All OpenMotif users should upgrade to an unaffected version:
# emerge --sync
# emerge --ask --oneshot --verbose x11-libs/openmotif
All AMD64 x86 emulation X libraries users should upgrade to the
latest version:
# emerge --sync
# emerge --ask --oneshot --verbose app-emulation/emul-linux-x86-xlibs
Threat Level: Low
Click HERE for more information and discussions on this network vulnerability scan.
|