Full Disclosure mailing list archives
FLEA-2007-0007-1: nas
From: Foresight Linux Essential Announcement Service <foresight-security-noreply () foresightlinux org>
Date: Tue, 03 Apr 2007 15:58:04 -0400
Foresight Linux Essential Advisory: 2007-0007-1 Published: 2007-04-03 Rating: Informational Updated Versions: nas=/conary.rpath.com@rpl:devel/1.8b-1-2 group-dist=/foresight.rpath.org@fl:1-devel//1/1.1-0.12-1 References: https://issues.rpath.com/browse/RPL-1155 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1543 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1544 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1545 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1546 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1547 Description: Previous versions of the nas package were vulnerable to a number of buffer overflows, NULL and invalid pointers, and an int overflow. Foresight Linux is not vulnerable to any of these by default, as Foresight does not ship the initscript which starts the nas daemon. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- FLEA-2007-0007-1: nas Foresight Linux Essential Announcement Service (Apr 03)