ID CVE-2005-1704
Summary Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.
References
Vulnerable Configurations
  • cpe:2.3:a:gnu:gdb:6.3:r2
    cpe:2.3:a:gnu:gdb:6.3:r2
CVSS
Base: 4.6 (as of 25-05-2005 - 15:20)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-135-1.NASL
    description Tavis Ormandy found an integer overflow in the GNU debugger. By tricking an user into merely load a specially crafted executable, an attacker could exploit this to execute arbitrary code with the privileges of the user running gdb. However, loading untrusted binaries without actually executing them is rather uncommon, so the risk of this flaw is low. (CAN-2005-1704) Tavis Ormandy also discovered that gdb loads and executes the file '.gdbinit' in the current directory even if the file belongs to a different user. By tricking an user into run gdb in a directory with a malicious .gdbinit file, a local attacker could exploit this to run arbitrary commands with the privileges of the user invoking gdb. (CAN-2005-1705). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-08-01
    plugin id 20526
    published 2006-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20526
    title Ubuntu 4.10 / 5.04 : gdb vulnerabilities (USN-135-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2005-709.NASL
    description An updated gdb package that fixes several bugs and minor security issues is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. GDB, the GNU debugger, allows debugging of programs written in C, C++, and other languages by executing them in a controlled fashion, then printing their data. Several integer overflow bugs were found in gdb. If a user is tricked into processing a specially crafted executable file, it may allow the execution of arbitrary code as the user running gdb. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1704 to this issue. A bug was found in the way gdb loads .gdbinit files. When a user executes gdb, the local directory is searched for a .gdbinit file which is then loaded. It is possible for a local user to execute arbitrary commands as the victim running gdb by placing a malicious .gdbinit file in a location where gdb may be run. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1705 to this issue. This updated package also addresses the following issues : - GDB on ia64 had previously implemented a bug fix to work-around a kernel problem when creating a core file via gcore. The bug fix caused a significant slow-down of gcore. - GDB on ia64 issued an extraneous warning when gcore was used. - GDB on ia64 could not backtrace over a sigaltstack. - GDB on ia64 could not successfully do an info frame for a signal trampoline. - GDB on AMD64 and Intel EM64T had problems attaching to a 32-bit process. - GDB on AMD64 and Intel EM64T was not properly handling threaded watchpoints. - GDB could not build with gcc4 when -Werror flag was set. - GDB had problems printing inherited members of C++ classes. - A few updates from mainline sources concerning Dwarf2 partial die in cache support, follow-fork support, interrupted syscall support, and DW_OP_piece read support. All users of gdb should upgrade to this updated package, which resolves these issues.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 19994
    published 2005-10-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19994
    title RHEL 4 : gdb (RHSA-2005:709)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200505-15.NASL
    description The remote host is affected by the vulnerability described in GLSA-200505-15 (gdb: Multiple vulnerabilities) Tavis Ormandy of the Gentoo Linux Security Audit Team discovered an integer overflow in the BFD library, resulting in a heap overflow. A review also showed that by default, gdb insecurely sources initialisation files from the working directory. Impact : Successful exploitation would result in the execution of arbitrary code on loading a specially crafted object file or the execution of arbitrary commands. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 18379
    published 2005-05-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18379
    title GLSA-200505-15 : gdb: Multiple vulnerabilities
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2005-095.NASL
    description Tavis Ormandy of the Gentoo Linux Security Audit Team discovered two vulnerabilities in the GNU debugger. The first allows an attacker to execute arbitrary code with the privileges of the user running gdb if they can trick the user into loading a specially crafted executable (CVE-2005-1704). He also discovered that gdb loads and executes the file .gdbinit in the current directory even if the file belongs to a different user. If a user can be tricked into running gdb in a directory with a malicious .gdbinit file, a local attacker can exploit this to run arbitrary commands with the privileges of the user running gdb (CVE-2005-1705). The updated packages have been patched to correct these problems.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 18404
    published 2005-05-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18404
    title Mandrake Linux Security Advisory : gdb (MDKSA-2005:095)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2006-0354.NASL
    description Updated elfutils packages that address a minor security issue and various other issues are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The elfutils packages contain a number of utility programs and libraries related to the creation and maintenance of executable code. The elfutils packages that originally shipped with Red Hat Enterprise Linux 4 were GPL-licensed versions which lacked some functionality. Previous updates provided fully functional versions of elfutils only under the OSL license. This update provides a fully functional, GPL-licensed version of elfutils. In the OSL-licensed elfutils versions provided in previous updates, some tools could sometimes crash when given corrupted input files. (CVE-2005-1704) Also, when the eu-strip tool was used to create separate debuginfo files from relocatable objects such as kernel modules (.ko), the resulting debuginfo files (.ko.debug) were sometimes corrupted. Both of these problems are fixed in the new version. Users of elfutils should upgrade to these updated packages, which resolve these issues.
    last seen 2019-02-21
    modified 2018-11-16
    plugin id 22219
    published 2006-08-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22219
    title RHEL 4 : elfutils (RHSA-2006:0354)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2005-673.NASL
    description An updated binutils package that fixes several bugs and minor security issues is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Binutils is a collection of utilities used for the creation of executable code. A number of bugs were found in various binutils tools. If a user is tricked into processing a specially crafted executable with utilities such as readelf, size, strings, objdump, or nm, it may allow the execution of arbitrary code as the user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1704 to this issue. In addition, the following bugs have been fixed : -- by default issue an error if IA-64 hint@pause instruction is put into the B slot, add assembler command line switch to override this behaviour -- fix linker's --emit-relocs with .gnu.warning.* section symbols -- fix gprof on 64-bit ppc binaries and libraries -- fix gas mapping of register names to dwarf2 register numbers in CFI directives All users of binutils should upgrade to this updated package, which contains patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 19991
    published 2005-10-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19991
    title RHEL 4 : binutils (RHSA-2005:673)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2006-0368.NASL
    description Updated elfutils packages that address a minor security issue and various other issues are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The elfutils packages contain a number of utility programs and libraries related to the creation and maintenance of executable code. The elfutils packages that originally shipped with Red Hat Enterprise Linux 3 were GPL-licensed versions which lacked some functionality. Previous updates provided fully functional versions of elfutils only under the OSL license. This update provides a fully functional, GPL-licensed version of elfutils. In the OSL-licensed elfutils versions provided in previous updates, some tools could sometimes crash when given corrupted input files. (CVE-2005-1704) Also, when the eu-strip tool was used to create separate debuginfo files from relocatable objects such as kernel modules (.ko), the resulting debuginfo files (.ko.debug) were sometimes corrupted. Both of these problems are fixed in the new version. Users of elfutils should upgrade to these updated packages, which resolve these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 22082
    published 2006-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22082
    title CentOS 3 : elfutils (CESA-2006:0368)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2005-215.NASL
    description Integer overflows in various applications in the binutils package may allow attackers to execute arbitrary code via a carefully crafted object file. The updated packages have been patched to help address these problems.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 20447
    published 2006-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20447
    title Mandrake Linux Security Advisory : binutils (MDKSA-2005:215)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2005-659.NASL
    description An updated binutils package that fixes several bugs and minor security issues is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Binutils is a collection of utilities used for the creation of executable code. A number of bugs were found in various binutils tools. Several integer overflow bugs were found in binutils. If a user is tricked into processing a specially crafted executable with utilities such as readelf, size, strings, objdump, or nm, it may allow the execution of arbitrary code as the user running the utility. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1704 to this issue. Additionally, the following bugs have been fixed : -- correct alignment of .tbss section if the requested alignment of .tbss is bigger than requested alignment of .tdata section -- by default issue an error if IA-64 hint@pause instruction is put into the B slot, add assembler command line switch to override this behaviour All users of binutils should upgrade to this updated package, which contains backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 21848
    published 2006-07-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21848
    title CentOS 3 : binutils (CESA-2005:659)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2006-0354.NASL
    description Updated elfutils packages that address a minor security issue and various other issues are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The elfutils packages contain a number of utility programs and libraries related to the creation and maintenance of executable code. The elfutils packages that originally shipped with Red Hat Enterprise Linux 4 were GPL-licensed versions which lacked some functionality. Previous updates provided fully functional versions of elfutils only under the OSL license. This update provides a fully functional, GPL-licensed version of elfutils. In the OSL-licensed elfutils versions provided in previous updates, some tools could sometimes crash when given corrupted input files. (CVE-2005-1704) Also, when the eu-strip tool was used to create separate debuginfo files from relocatable objects such as kernel modules (.ko), the resulting debuginfo files (.ko.debug) were sometimes corrupted. Both of these problems are fixed in the new version. Users of elfutils should upgrade to these updated packages, which resolve these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 22274
    published 2006-08-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22274
    title CentOS 4 : elfutils (CESA-2006:0354)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2005-801.NASL
    description An updated gdb package that fixes minor security issues is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. GDB, the GNU debugger, allows debugging of programs written in C, C++, and other languages by executing them in a controlled fashion, then printing their data. Several integer overflow bugs were found in gdb. If a user is tricked into processing a specially crafted executable file, it may allow the execution of arbitrary code as the user running gdb. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1704 to this issue. A bug was found in the way gdb loads .gdbinit files. When a user executes gdb, the local directory is searched for a .gdbinit file which is then loaded. It is possible for a local user to execute arbitrary commands as the user running gdb by placing a malicious .gdbinit file in a location where gdb may be run. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1705 to this issue. All users of gdb should upgrade to this updated package, which contains backported patches that resolve these issues.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 20059
    published 2005-10-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20059
    title RHEL 2.1 : gdb (RHSA-2005:801)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2005-673.NASL
    description An updated binutils package that fixes several bugs and minor security issues is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Binutils is a collection of utilities used for the creation of executable code. A number of bugs were found in various binutils tools. If a user is tricked into processing a specially crafted executable with utilities such as readelf, size, strings, objdump, or nm, it may allow the execution of arbitrary code as the user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1704 to this issue. In addition, the following bugs have been fixed : -- by default issue an error if IA-64 hint@pause instruction is put into the B slot, add assembler command line switch to override this behaviour -- fix linker's --emit-relocs with .gnu.warning.* section symbols -- fix gprof on 64-bit ppc binaries and libraries -- fix gas mapping of register names to dwarf2 register numbers in CFI directives All users of binutils should upgrade to this updated package, which contains patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 67030
    published 2013-06-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67030
    title CentOS 4 : binutils (CESA-2005:673)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-136-1.NASL
    description Tavis Ormandy found an integer overflow in the Binary File Descriptor (BFD) parser in the GNU debugger. The same vulnerable code is also present in binutils. By tricking an user into processing a specially crafted executable with the binutils tools (strings, objdump, nm, readelf, etc.), an attacker could exploit this to execute arbitrary code with the privileges of the user running the affected program. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 20527
    published 2006-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20527
    title Ubuntu 4.10 / 5.04 : binutils vulnerability (USN-136-1)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2005-709.NASL
    description An updated gdb package that fixes several bugs and minor security issues is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. GDB, the GNU debugger, allows debugging of programs written in C, C++, and other languages by executing them in a controlled fashion, then printing their data. Several integer overflow bugs were found in gdb. If a user is tricked into processing a specially crafted executable file, it may allow the execution of arbitrary code as the user running gdb. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1704 to this issue. A bug was found in the way gdb loads .gdbinit files. When a user executes gdb, the local directory is searched for a .gdbinit file which is then loaded. It is possible for a local user to execute arbitrary commands as the victim running gdb by placing a malicious .gdbinit file in a location where gdb may be run. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1705 to this issue. This updated package also addresses the following issues : - GDB on ia64 had previously implemented a bug fix to work-around a kernel problem when creating a core file via gcore. The bug fix caused a significant slow-down of gcore. - GDB on ia64 issued an extraneous warning when gcore was used. - GDB on ia64 could not backtrace over a sigaltstack. - GDB on ia64 could not successfully do an info frame for a signal trampoline. - GDB on AMD64 and Intel EM64T had problems attaching to a 32-bit process. - GDB on AMD64 and Intel EM64T was not properly handling threaded watchpoints. - GDB could not build with gcc4 when -Werror flag was set. - GDB had problems printing inherited members of C++ classes. - A few updates from mainline sources concerning Dwarf2 partial die in cache support, follow-fork support, interrupted syscall support, and DW_OP_piece read support. All users of gdb should upgrade to this updated package, which resolves these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 67033
    published 2013-06-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67033
    title CentOS 4 : gdb (CESA-2005:709)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200506-01.NASL
    description The remote host is affected by the vulnerability described in GLSA-200506-01 (Binutils, elfutils: Buffer overflow) Tavis Ormandy and Ned Ludd of the Gentoo Linux Security Audit Team discovered an integer overflow in the BFD library and elfutils, resulting in a heap based buffer overflow. Impact : Successful exploitation would require a user to access a specially crafted binary file, resulting in the execution of arbitrary code. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 18406
    published 2005-06-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18406
    title GLSA-200506-01 : Binutils, elfutils: Buffer overflow
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2005-659.NASL
    description An updated binutils package that fixes several bugs and minor security issues is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Binutils is a collection of utilities used for the creation of executable code. A number of bugs were found in various binutils tools. Several integer overflow bugs were found in binutils. If a user is tricked into processing a specially crafted executable with utilities such as readelf, size, strings, objdump, or nm, it may allow the execution of arbitrary code as the user running the utility. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1704 to this issue. Additionally, the following bugs have been fixed : -- correct alignment of .tbss section if the requested alignment of .tbss is bigger than requested alignment of .tdata section -- by default issue an error if IA-64 hint@pause instruction is put into the B slot, add assembler command line switch to override this behaviour All users of binutils should upgrade to this updated package, which contains backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 19831
    published 2005-10-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19831
    title RHEL 3 : binutils (RHSA-2005:659)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2006-0368.NASL
    description Updated elfutils packages that address a minor security issue and various other issues are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The elfutils packages contain a number of utility programs and libraries related to the creation and maintenance of executable code. The elfutils packages that originally shipped with Red Hat Enterprise Linux 3 were GPL-licensed versions which lacked some functionality. Previous updates provided fully functional versions of elfutils only under the OSL license. This update provides a fully functional, GPL-licensed version of elfutils. In the OSL-licensed elfutils versions provided in previous updates, some tools could sometimes crash when given corrupted input files. (CVE-2005-1704) Also, when the eu-strip tool was used to create separate debuginfo files from relocatable objects such as kernel modules (.ko), the resulting debuginfo files (.ko.debug) were sometimes corrupted. Both of these problems are fixed in the new version. Users of elfutils should upgrade to these updated packages, which resolve these issues.
    last seen 2019-02-21
    modified 2018-11-16
    plugin id 22085
    published 2006-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22085
    title RHEL 3 : elfutils (RHSA-2006:0368)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2005-763.NASL
    description An updated binutils package that fixes minor security issues is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Binutils is a collection of utilities used for the creation of executable code. A number of bugs were found in various binutils tools. Several integer overflow bugs were found in binutils. If a user is tricked into processing a specially crafted executable with utilities such as readelf, size, strings, objdump, or nm, it may allow the execution of arbitrary code as the user running the utility. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1704 to this issue. All users of binutils should upgrade to this updated package, which contains backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 20045
    published 2005-10-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20045
    title RHEL 2.1 : binutils (RHSA-2005:763)
oval via4
accepted 2013-04-29T04:18:12.848-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
description Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.
family unix
id oval:org.mitre.oval:def:9071
status accepted
submitted 2010-07-09T03:56:16-04:00
title Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.
version 23
redhat via4
advisories
  • bugzilla
    id 186992
    title Elfutils license upgrade
    oval
    AND
    comment Red Hat Enterprise Linux 4 is installed
    oval oval:com.redhat.rhba:tst:20070304001
    rhsa
    id RHSA-2006:0354
    released 2006-08-10
    severity Low
    title RHSA-2006:0354: elfutils security update (Low)
  • bugzilla
    id 189114
    title eu-strip mangles separate debuginfo with relocation sections
    oval
    AND
    comment Red Hat Enterprise Linux 3 is installed
    oval oval:com.redhat.rhba:tst:20070026001
    rhsa
    id RHSA-2006:0368
    released 2006-07-20
    severity Low
    title RHSA-2006:0368: elfutils security update (Low)
  • rhsa
    id RHSA-2005:659
  • rhsa
    id RHSA-2005:673
  • rhsa
    id RHSA-2005:709
  • rhsa
    id RHSA-2005:763
  • rhsa
    id RHSA-2005:801
refmap via4
bid 13697
bugtraq 20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates
conectiva CLA-2006:1060
confirm
gentoo
  • GLSA-200505-15
  • GLSA-200506-01
mandrake
  • MDKSA-2005:095
  • MDKSA-2005:215
osvdb 16757
sectrack 1016544
secunia
  • 15527
  • 17001
  • 17072
  • 17135
  • 17257
  • 17356
  • 17718
  • 18506
  • 21122
  • 21262
  • 21717
  • 24788
sgi 20060703-01-P
trustix 2005-0025
ubuntu USN-136-1
vupen ADV-2007-1267
statements via4
contributor Mark J Cox
lastmodified 2007-03-14
organization Red Hat
statement Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Last major update 07-12-2016 - 22:00
Published 24-05-2005 - 00:00
Last modified 19-10-2018 - 11:31
Back to Top