Bug 152902

Summary: CAN-2005-0086 less buffer overflow
Product: [Retired] Fedora Legacy Reporter: Marc Deslauriers <marc.deslauriers>
Component: Package requestAssignee: Fedora Legacy Bugs <bugs>
Status: CLOSED DUPLICATE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecified   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
URL: https://rhn.redhat.com/errata/RHSA-2005-068.html
Whiteboard: 1, LEGACY, NEEDSWORK, rh73, rh90
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-02-21 19:08:18 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description David Lawrence 2005-03-30 23:31:31 UTC 
Victor Ashik discovered a heap based buffer overflow in less, caused by a
patch added to the less package in Red Hat Enterprise Linux 3. An attacker
could construct a carefully crafted file that could cause less to crash or
possibly execute arbitrary code when opened. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0086
to this issue.

Info:
https://rhn.redhat.com/errata/RHSA-2005-068.html

This issue may be RHEL3 specific. Must be checked.



------- Additional Comments From marcdeslauriers 2005-02-10 19:09:27 ----



*** This bug has been marked as a duplicate of 2404 ***



------- Bug moved to this database by dkl 2005-03-30 18:31 -------

This bug previously known as bug 2426 at https://bugzilla.fedora.us/
https://bugzilla.fedora.us/show_bug.cgi?id=2426
Originally filed under the Fedora Legacy product and Package request component.

Unknown priority P2. Setting to default priority "normal".
Unknown platform PC. Setting to default platform "All".
Setting qa contact to the default for this product.
   This bug either had no qa contact or an invalid one.
Comment 1 Red Hat Bugzilla 2006-02-21 19:08:18 UTC 
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.