+++ This bug was initially created as a clone of Bug #174683 +++ Perl integer overflow issue There exists an integer overflow problem in Perl which can lead to a string format issue. If a large enough integer is supplied to a printf statement which uses the %n conversion, it may be possible to execute arbitrary code. This problem will not be easy to remotely exploit as a very poorly written script will first be needed. http://marc.theaimsgroup.com/?l=full-disclosure&m=113342788118630&w=2 Doesn't Affec: RHEL2.1 This issue also affects RHEL3 -- Additional comment from bressers on 2005-12-01 08:39 EST -- Created an attachment (id=121682) Proposed patch -- Additional comment from jvdias on 2005-12-01 12:27 EST -- Created an attachment (id=121695) upstream patch #26240 for this issue -- Additional comment from jvdias on 2005-12-01 12:28 EST -- Now applying to perl-5.8.5-18.RHEL4
Applying to perl-5.8.0-90.3 for RHEL-3
Fixed with perl-5.8.0-90.3
async, RHSA-2005:881 ON_QA
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2005-881.html