rPSA-2007-0094-1 cpio

To:	security-announce@lists.rpath.com, update-announce@lists.rpath.com
Subject:	rPSA-2007-0094-1 cpio
From:	rPath Update Announcements <announce-noreply@rpath.com>
Date:	Mon, 07 May 2007 22:46:48 -0400
Cc:	full-disclosure@lists.grok.org.uk, bugtraq@securityfocus.com, lwn@lwn.net
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	bugtraq-list@securepoint.com
Delivered-to:	mailing list bugtraq@securityfocus.com
Delivered-to:	moderator for bugtraq@securityfocus.com
List-help:	<mailto:bugtraq-help@securityfocus.com>
List-id:	<bugtraq.list-id.securityfocus.com>
List-post:	<mailto:bugtraq@securityfocus.com>
List-subscribe:	<mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe:	<mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list:	contact bugtraq-help@securityfocus.com; run by ezmlm
User-agent:	nail 11.22 3/20/05

rPath Security Advisory: 2007-0094-1
Published: 2007-05-07
Products: rPath Linux 1
Rating: Minor
Exposure Level Classification:
    Indirect User Deterministic Unauthorized Access
Updated Versions:
    cpio=/conary.rpath.com@rpl:devel//1/2.6-14-0.1

References:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4268
    https://issues.rpath.com/browse/RPL-1338

Description:
    Previous versions of the cpio package are vulnerable to a user-complicit
    attack in which cpio may execute attacker-provided code included in an
    intentionally malformed cpio archive.

<Prev in Thread]	Current Thread	[Next in Thread>
rPSA-2007-0094-1 cpio, rPath Update Announcements <=

Previous by Date:	[ GLSA 200705-10 ] LibXfont, TightVNC: Multiple vulnerabilities, Raphael Marichez
Next by Date:	ZDI-07-026: Microsoft Excel BIFF File Format Named Graph Record Parsing Stack Overflow Vulnerability, zdi-disclosures
Previous by Thread:	[ GLSA 200705-10 ] LibXfont, TightVNC: Multiple vulnerabilities, Raphael Marichez
Next by Thread:	ZDI-07-026: Microsoft Excel BIFF File Format Named Graph Record Parsing Stack Overflow Vulnerability, zdi-disclosures
Indexes:	[Date] [Thread] [Top] [All Lists]