Bug 187401
Summary: | CVE-2006-1550 Dia multiple buffer overflows | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 4 | Reporter: | Josh Bressers <bressers> | ||||||||
Component: | dia | Assignee: | Caolan McNamara <caolanm> | ||||||||
Status: | CLOSED ERRATA | QA Contact: | |||||||||
Severity: | medium | Docs Contact: | |||||||||
Priority: | medium | ||||||||||
Version: | 4.0 | Keywords: | Security | ||||||||
Target Milestone: | --- | ||||||||||
Target Release: | --- | ||||||||||
Hardware: | All | ||||||||||
OS: | Linux | ||||||||||
Whiteboard: | reported=20060329,source=secalert,public=20060329,impact=moderate | ||||||||||
Fixed In Version: | RHSA-2006-0280 | Doc Type: | Bug Fix | ||||||||
Doc Text: | Story Points: | --- | |||||||||
Clone Of: | Environment: | ||||||||||
Last Closed: | 2006-05-03 15:56:40 UTC | Type: | --- | ||||||||
Regression: | --- | Mount Type: | --- | ||||||||
Documentation: | --- | CRM: | |||||||||
Verified Versions: | Category: | --- | |||||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||||
Embargoed: | |||||||||||
Bug Depends On: | |||||||||||
Bug Blocks: | 188108 | ||||||||||
Attachments: |
|
Description
Josh Bressers
2006-03-30 18:42:27 UTC
Created attachment 127062 [details]
Demo Exploit #1
Created attachment 127063 [details]
Demo Exploit #2
Created attachment 127064 [details]
Demo Exploit #3
For bug 187559, RHEL-4 has been rebuilt and mkerrata re-ran# dist-4E-errata-candidate dia-0.94-5.3 dist-2.1AS-errata-candidate dia-0.88.1-3.2 has been respun and mkerrata run for RHEL-2.1 to pick-up fixed buildroot. RHEL-4 packages rebuilt to avoid huge mem alloc on invalid record size and mkerrata has been rerun for RHEL-4 dist-4E-errata-candidate dia-0.94-5.4 An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2006-0280.html |