[MBT] new entry in pkg fileutils "Integer overflow (DoS if used by e.g. wu-ftpd)"
bugs at pld-linux.org
bugs at pld-linux.org
Mon Dec 1 15:45:40 CET 2003
Date: 2003-12-01 15:45:39+01 Author: Jakub Bogusz (qboosh) <qboosh at pld-linux.org>
Title: Integer overflow (DoS if used by e.g. wu-ftpd)
Ticket ID: #779
Ticket URL: http://bugs.pld-linux.org/?bug=779
Package: fileutils-1:4.1.9-7
Distribution: PLD-1.0.updates.general
Category: security problem
Current state: closed -- resolved
Text:
Fixed in 4.1.9-8 (will be available in ra/updates/security soon).
(locally it's rather minor issue - if someone has shell access,
he usually has many more ways than "ls -w" to cause memory
consumption or execute code he wants to - using his own uid
and limits, which couldn't be bypassed by ls too)
*** State changed to 'closed -- resolved'
More information about the pld-bugs
mailing list