VMware Security Advisory - An updated service console package for e2fsprogs has been released for ESX Server versions 2.5.5 and 2.5.4.
f93228329d722fd07502d80cfef49213e5058226a673deb79b8e6fe003e8223f
Gentoo Linux Security Advisory GLSA 200712-13 - Rafal Wojtczuk (McAfee AVERT Research) discovered multiple integer overflows in libext2fs that are triggered when processing information from within the file system, resulting in heap-based buffer overflows. Versions less than 1.40.3 are affected.
866e971b4563493024e7b10169ebf99b0e82378c7b6183789c237eb34e4d5b9a
Mandriva Linux Security Advisory - Rafal Wojtczuk of McAfee AVERT Research found that e2fsprogs contained multiple integer overflows in memory allocations, based on sizes taken directly from filesystem information. These flaws could result in heap-based overflows potentially allowing for the execution of arbitrary code.
071701c0fabaad2f7c1bfdd0ccd4270b11700f8a922c419067def121bde606d8
Ubuntu Security Notice 555-1 - Rafal Wojtczuk discovered multiple integer overflows in e2fsprogs. If a user or automated system were tricked into fscking a malicious ext2/ext3 filesystem, a remote attacker could execute arbitrary code with the user's privileges.
e7a11d56eb3e99043e5335502f1292778fc1e5560a03ee905de6011562eb3507
Debian Security Advisory 1422-1 - Rafal Wojtczuk of McAfee AVERT Research discovered that e2fsprogs, ext2 file system utilities and libraries, contained multiple integer overflows in memory allocations, based on sizes taken directly from filesystem information. These could result in heap-based overflows potentially allowing the execution of arbitrary code.
39ac95b7fdbd4ff9c4b3c21faf0562cfc7d992c5a75ee9b7bd0f228404fec8e0