1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA1 |
3 |
|
4 |
- - -------------------------------------------------------------------- |
5 |
GENTOO LINUX SECURITY ANNOUNCEMENT 200301-5 |
6 |
- - -------------------------------------------------------------------- |
7 |
|
8 |
PACKAGE : monopd |
9 |
SUMMARY : buffer overflow |
10 |
DATE : 2003-01-06 12:01 UTC |
11 |
EXPLOIT : remote |
12 |
|
13 |
- - -------------------------------------------------------------------- |
14 |
|
15 |
A buffer overflow exist in the messaging framework which would allow |
16 |
a remote user to execute commands as the user running the game server. |
17 |
|
18 |
More information is available at |
19 |
http://www.securitytracker.com/alerts/2002/Dec/1005856.html |
20 |
|
21 |
SOLUTION |
22 |
|
23 |
It is recommended that all Gentoo Linux users who are running |
24 |
app-games/monopd-0.4.3-r1 or earlier update their systems as |
25 |
follows: |
26 |
|
27 |
emerge rsync |
28 |
emerge monopd |
29 |
emerge clean |
30 |
|
31 |
- - -------------------------------------------------------------------- |
32 |
aliz@g.o - GnuPG key is available at www.gentoo.org/~aliz |
33 |
hannes@g.o |
34 |
- - -------------------------------------------------------------------- |
35 |
-----BEGIN PGP SIGNATURE----- |
36 |
Version: GnuPG v1.2.1 (GNU/Linux) |
37 |
|
38 |
iD8DBQE+GXV0fT7nyhUpoZMRAldIAJ49oOEsaBXIR/44U8C0XTOEFDc/SACfXegN |
39 |
MY3MC9Z3jntQVNeX2i/Ox6c= |
40 |
=iGOW |
41 |
-----END PGP SIGNATURE----- |