GLSA: bladeenc

From: Daniel Ahlberg (aliz@gentoo.org)
Date: 02/05/03

  • Next message: Bjornar B. Larsen: "RE: Opera: What's Next (GM#005-OP)"
    From: Daniel Ahlberg <aliz@gentoo.org>
    Date: Wed, 5 Feb 2003 13:55:45 +0100
    To: bugtraq@securityfocus.com
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    - - --------------------------------------------------------------------
    GENTOO LINUX SECURITY ANNOUNCEMENT 200302-04
    - - --------------------------------------------------------------------

    PACKAGE : bladeenc
    SUMMARY : arbitrary code execution
    DATE : 2003-02-05 12:55 UTC
    EXPLOIT : local

    - - --------------------------------------------------------------------

    - From advisory:

    "A wave file let the attacker to execute all the code he want on the
    victim"
     
    Read the full advisory at:
    http://www.pivx.com/luigi/adv/blade942-adv.txt

    SOLUTION

    It is recommended that all Gentoo Linux users who are running
    media-sound/bladeenc upgrade to bladeenc-0.94.2-r1 as follows:

    emerge sync
    emerge -u bladeenc
    emerge clean

    - - --------------------------------------------------------------------
    aliz@gentoo.org - GnuPG key is available at www.gentoo.org/~aliz
    styx@gentoo.org
    - - --------------------------------------------------------------------
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.1 (GNU/Linux)

    iD8DBQE+QQnMfT7nyhUpoZMRAj4gAKCysKGdI94DM7FfPu24xfxjhPPNSgCgowXK
    b+MxfjWXGIiJs2VVyA848RM=
    =Z9lw
    -----END PGP SIGNATURE-----



    Relevant Pages

    • [Full-Disclosure] GLSA: bladeenc
      ... PACKAGE: bladeenc ... SUMMARY: arbitrary code execution ... Read the full advisory at: ... It is recommended that all Gentoo Linux users who are running ...
      (Full-Disclosure)
    • [Full-Disclosure] GLSA: Mail-SpamAssasin
      ... GENTOO LINUX SECURITY ANNOUNCEMENT 200302-01 ... SUMMARY: arbitrary code execution ... "Attacker may be able to execute arbitrary code by sending a specially ... Read the full advisory at ...
      (Full-Disclosure)
    • GLSA: Mail-SpamAssasin
      ... GENTOO LINUX SECURITY ANNOUNCEMENT 200302-01 ... SUMMARY: arbitrary code execution ... "Attacker may be able to execute arbitrary code by sending a specially ... Read the full advisory at ...
      (Bugtraq)
    • GLSA: apache (200304-01)
      ... "Remote exploitation of a memory leak in the Apache HTTP Server causes the ... Read the full advisory at: ... It is recommended that all Gentoo Linux users who are running ...
      (Bugtraq)
    • [Full-Disclosure] GLSA: apache (200304-01)
      ... "Remote exploitation of a memory leak in the Apache HTTP Server causes the ... Read the full advisory at: ... It is recommended that all Gentoo Linux users who are running ...
      (Full-Disclosure)