Revision Date: | 2007-09-19 | Version: | 635 |
Title: | RHSA-2007:0913: nfs-utils-lib security update (Important) |
Description: | The nfs-utils-lib package contains support libraries that are needed by the commands and daemons of the nfs-utils package.
Tenable Network Security discovered a stack buffer overflow flaw in the RPC library used by nfs-utils-lib. A remote unauthenticated attacker who can access an application linked against nfs-utils-lib could trigger this flaw and cause the application to crash. On Red Hat Enterprise Linux 4 it is not possible to exploit this flaw to run arbitrary code as the overflow is blocked by FORTIFY_SOURCE. (CVE-2007-3999)
Users of nfs-utils-lib are advised to upgrade to this updated package, which contains a backported patch that resolves this issue.
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | CVE-2007-3999 RHSA-2007:0913 RHSA-2007:0913-02 RHSA-2007:0913-02
|
Platform(s): | Red Hat Enterprise Linux 4
| Product(s): | |
Definition Synopsis |
Red Hat Enterprise Linux must be installed OR Package Information
Red Hat Enterprise Linux 4 is installed
AND
nfs-utils-lib is earlier than 0:1.0.6-8.z1
AND nfs-utils-lib is signed with Red Hat redhatrelease2 key
nfs-utils-lib-devel is earlier than 0:1.0.6-8.z1
AND nfs-utils-lib-devel is signed with Red Hat redhatrelease2 key
|