ID CVE-2007-5497
Summary Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image.
References
Vulnerable Configurations
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.02
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.02
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.03
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.03
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.04
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.04
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.05
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.05
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.06
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.06
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.07
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.07
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.08
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.08
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.09
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.09
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.10
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.10
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.11
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.11
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.12
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.12
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.13
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.13
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.14
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.14
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.15
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.15
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.16
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.16
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.17
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.17
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.18
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.18
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.19
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.19
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.20
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.20
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.21
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.21
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.22
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.22
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.23
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.23
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.24
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.24
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.25
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.25
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.26
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.26
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.27
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.27
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.28
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.28
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.29
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.29
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.30
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.30
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.31
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.31
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.32
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.32
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.33
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.33
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.34
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.34
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.35
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.35
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.36
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.36
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.37
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.37
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.38
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.38
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.39
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.39
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.40
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.40
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.40.1
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.40.1
  • cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.40.2
    cpe:2.3:a:ext2_filesystems_utilities:e2fsprogs:1.40.2
CVSS
Base: 5.8 (as of 07-12-2007 - 09:52)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL NONE
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-4447.NASL
    description This update fixes : - Bug #414581 - CVE-2007-5497 e2fsprogs multiple integer overflows [F8] Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-05-05
    plugin id 30025
    published 2008-01-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30025
    title Fedora 8 : e2fsprogs-1.40.2-12.fc8 (2007-4447)
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_11997.NASL
    description This update of e2fsprogs fixes several integer overflows in memory allocating code. Programs that use libext2fs are therefore vulnerable to memory corruptions that can lead to arbitrary code execution while loading a specially crafted image. (CVE-2007-5497)
    last seen 2019-02-21
    modified 2012-04-23
    plugin id 41168
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41168
    title SuSE9 Security Update : e2fsprogs (YOU Patch Number 11997)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_299E3F81AEE711DCB7810016179B2DD5.NASL
    description Theodore Y. Ts'o reports : Fix a potential security vulnerability where an untrusted filesystem can be corrupted in such a way that a program using libext2fs will allocate a buffer which is far too small. This can lead to either a crash or potentially a heap-based buffer overflow crash. No known exploits exist, but main concern is where an untrusted user who possesses privileged access in a guest Xen environment could corrupt a filesystem which is then accessed by thus allowing the untrusted user to gain privileged access in the host OS. Thanks to the McAfee AVERT Research group for reporting this issue.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 29769
    published 2007-12-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29769
    title FreeBSD : e2fsprogs -- heap buffer overflow (299e3f81-aee7-11dc-b781-0016179b2dd5)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2008-0003.NASL
    description From Red Hat Security Advisory 2008:0003 : Updated e2fsprogs packages that fix several security issues are now available for Red Hat Enterprise Linux. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The e2fsprogs packages contain a number of utilities for creating, checking, modifying, and correcting any inconsistencies in second and third extended (ext2/ext3) file systems. Multiple integer overflow flaws were found in the way e2fsprogs processes file system content. If a victim opens a carefully crafted file system with a program using e2fsprogs, it may be possible to execute arbitrary code with the permissions of the victim. It may be possible to leverage this flaw in a virtualized environment to gain access to other virtualized hosts. (CVE-2007-5497) Red Hat would like to thank Rafal Wojtczuk of McAfee Avert Research for responsibly disclosing these issues. Users of e2fsprogs are advised to upgrade to these updated packages, which contain a backported patch to resolve these issues.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67630
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67630
    title Oracle Linux 3 / 4 / 5 : e2fsprogs (ELSA-2008-0003)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0003.NASL
    description Updated e2fsprogs packages that fix several security issues are now available for Red Hat Enterprise Linux. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The e2fsprogs packages contain a number of utilities for creating, checking, modifying, and correcting any inconsistencies in second and third extended (ext2/ext3) file systems. Multiple integer overflow flaws were found in the way e2fsprogs processes file system content. If a victim opens a carefully crafted file system with a program using e2fsprogs, it may be possible to execute arbitrary code with the permissions of the victim. It may be possible to leverage this flaw in a virtualized environment to gain access to other virtualized hosts. (CVE-2007-5497) Red Hat would like to thank Rafal Wojtczuk of McAfee Avert Research for responsibly disclosing these issues. Users of e2fsprogs are advised to upgrade to these updated packages, which contain a backported patch to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 29876
    published 2008-01-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29876
    title RHEL 2.1 / 3 / 4 / 5 : e2fsprogs (RHSA-2008:0003)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-555-1.NASL
    description Rafal Wojtczuk discovered multiple integer overflows in e2fsprogs. If a user or automated system were tricked into fscking a malicious ext2/ext3 filesystem, a remote attacker could execute arbitrary code with the user's privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 29305
    published 2007-12-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29305
    title Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : e2fsprogs vulnerability (USN-555-1)
  • NASL family VMware ESX Local Security Checks
    NASL id VMWARE_VMSA-2008-0004.NASL
    description Updated e2fsprogs package address multiple integer overflow flaws Thanks to Rafal Wojtczuk of McAfee Avert Research for identifying and reporting this issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2007-5497 to this issue.
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 40375
    published 2009-07-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40375
    title VMSA-2008-0004 : Low: Updated e2fsprogs service console package
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1422.NASL
    description Rafal Wojtczuk of McAfee AVERT Research discovered that e2fsprogs, the ext2 file system utilities and libraries, contained multiple integer overflows in memory allocations, based on sizes taken directly from filesystem information. These could result in heap-based overflows potentially allowing the execution of arbitrary code.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 29257
    published 2007-12-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29257
    title Debian DSA-1422-1 : e2fsprogs - integer overflows
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200712-13.NASL
    description The remote host is affected by the vulnerability described in GLSA-200712-13 (E2fsprogs: Multiple buffer overflows) Rafal Wojtczuk (McAfee AVERT Research) discovered multiple integer overflows in libext2fs, that are triggered when processing information from within the file system, resulting in heap-based buffer overflows. Impact : An attacker could entice a user to process a specially crafted ext2 or ext3 file system image (with tools linking against libext2fs, e.g. fsck, forensic tools or Xen's pygrub), possibly resulting in the execution of arbitrary code with the privileges of the user running the application. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 29733
    published 2007-12-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29733
    title GLSA-200712-13 : E2fsprogs: Multiple buffer overflows
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2008-0003.NASL
    description Updated e2fsprogs packages that fix several security issues are now available for Red Hat Enterprise Linux. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The e2fsprogs packages contain a number of utilities for creating, checking, modifying, and correcting any inconsistencies in second and third extended (ext2/ext3) file systems. Multiple integer overflow flaws were found in the way e2fsprogs processes file system content. If a victim opens a carefully crafted file system with a program using e2fsprogs, it may be possible to execute arbitrary code with the permissions of the victim. It may be possible to leverage this flaw in a virtualized environment to gain access to other virtualized hosts. (CVE-2007-5497) Red Hat would like to thank Rafal Wojtczuk of McAfee Avert Research for responsibly disclosing these issues. Users of e2fsprogs are advised to upgrade to these updated packages, which contain a backported patch to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 29901
    published 2008-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29901
    title CentOS 3 / 4 / 5 : e2fsprogs (CESA-2008:0003)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20080107_E2FSPROGS_ON_SL5_X.NASL
    description Multiple integer overflow flaws were found in the way e2fsprogs processes file system content. If a victim opens a carefully crafted file system with a program using e2fsprogs, it may be possible to execute arbitrary code with the permissions of the victim. It may be possible to leverage this flaw in a virtualized environment to gain access to other virtualized hosts. (CVE-2007-5497)
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60340
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60340
    title Scientific Linux Security Update : e2fsprogs on SL5.x, SL4.x, SL3.x i386/x86_64
  • NASL family SuSE Local Security Checks
    NASL id SUSE_E2FSPROGS-4739.NASL
    description This update of e2fsprogs fixes several integer overflows in memory allocating code. Programs that use libext2fs are therefore vulnerable to memory corruptions that can lead to arbitrary code execution while loading a specially crafted image. (CVE-2007-5497)
    last seen 2019-02-21
    modified 2014-06-13
    plugin id 29243
    published 2007-12-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29243
    title openSUSE 10 Security Update : e2fsprogs (e2fsprogs-4739)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2007-242.NASL
    description Rafal Wojtczuk of McAfee AVERT Research found that e2fsprogs contained multiple integer overflows in memory allocations, based on sizes taken directly from filesystem information. These flaws could result in heap-based overflows potentially allowing for the execution of arbitrary code. The updated packages have been patched to correct these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 29299
    published 2007-12-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29299
    title Mandrake Linux Security Advisory : e2fsprogs (MDKSA-2007:242)
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_12019.NASL
    description This update of e2fsprogs fixes several integer overflows in memory allocating code. Programs that use libext2fs are therefore vulnerable to memory corruptions that can lead to arbitrary code execution while loading a specially crafted image. (CVE-2007-5497)
    last seen 2019-02-21
    modified 2012-04-23
    plugin id 41177
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41177
    title SuSE9 Security Update : e2fsprogs (YOU Patch Number 12019)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-4461.NASL
    description This update fixes : - Bug #414571 - CVE-2007-5497 e2fsprogs multiple integer overflows [F7] Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-05-05
    plugin id 30026
    published 2008-01-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30026
    title Fedora 7 : e2fsprogs-1.40.2-3.fc7 (2007-4461)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_E2FSPROGS-4743.NASL
    description This update of e2fsprogs fixes several integer overflows in memory allocating code. Programs that use libext2fs are therefore vulnerable to memory corruptions that can lead to arbitrary code execution while loading a specially crafted image. (CVE-2007-5497)
    last seen 2019-02-21
    modified 2012-05-17
    plugin id 29415
    published 2007-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29415
    title SuSE 10 Security Update : e2fsprogs (ZYPP Patch Number 4743)
oval via4
accepted 2013-04-29T04:05:20.112-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image.
family unix
id oval:org.mitre.oval:def:10399
status accepted
submitted 2010-07-09T03:56:16-04:00
title Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image.
version 24
redhat via4
advisories
bugzilla
id 403441
title CVE-2007-5497 e2fsprogs multiple integer overflows
oval
OR
  • AND
    • comment Red Hat Enterprise Linux 3 is installed
      oval oval:com.redhat.rhsa:tst:20060015001
    • OR
      • AND
        • comment e2fsprogs is earlier than 0:1.32-15.4
          oval oval:com.redhat.rhsa:tst:20080003002
        • comment e2fsprogs is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20080003003
      • AND
        • comment e2fsprogs-devel is earlier than 0:1.32-15.4
          oval oval:com.redhat.rhsa:tst:20080003004
        • comment e2fsprogs-devel is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20080003005
  • AND
    • comment Red Hat Enterprise Linux 4 is installed
      oval oval:com.redhat.rhsa:tst:20060016001
    • OR
      • AND
        • comment e2fsprogs is earlier than 0:1.35-12.11.el4_6.1
          oval oval:com.redhat.rhsa:tst:20080003007
        • comment e2fsprogs is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20080003003
      • AND
        • comment e2fsprogs-devel is earlier than 0:1.35-12.11.el4_6.1
          oval oval:com.redhat.rhsa:tst:20080003008
        • comment e2fsprogs-devel is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20080003005
  • AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhsa:tst:20070055001
    • OR
      • AND
        • comment e2fsprogs is earlier than 0:1.39-10.el5_1.1
          oval oval:com.redhat.rhsa:tst:20080003010
        • comment e2fsprogs is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080003011
      • AND
        • comment e2fsprogs-devel is earlier than 0:1.39-10.el5_1.1
          oval oval:com.redhat.rhsa:tst:20080003014
        • comment e2fsprogs-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080003015
      • AND
        • comment e2fsprogs-libs is earlier than 0:1.39-10.el5_1.1
          oval oval:com.redhat.rhsa:tst:20080003012
        • comment e2fsprogs-libs is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080003013
rhsa
id RHSA-2008:0003
released 2008-01-07
severity Moderate
title RHSA-2008:0003: e2fsprogs security update (Moderate)
rpms
  • e2fsprogs-0:1.32-15.4
  • e2fsprogs-devel-0:1.32-15.4
  • e2fsprogs-0:1.35-12.11.el4_6.1
  • e2fsprogs-devel-0:1.35-12.11.el4_6.1
  • e2fsprogs-0:1.39-10.el5_1.1
  • e2fsprogs-devel-0:1.39-10.el5_1.1
  • e2fsprogs-libs-0:1.39-10.el5_1.1
refmap via4
bid 26772
bugtraq
  • 20080212 FLEA-2008-0005-1 e2fsprogs
  • 20080303 VMSA-2008-0004 Low: Updated e2fsprogs service console package
confirm
debian DSA-1422
fedora
  • FEDORA-2007-4447
  • FEDORA-2007-4461
hp
  • HPSBMA02554
  • SSRT100018
mandriva MDKSA-2007:242
mlist [Security-announce] 20080303 VMSA-2008-0004 Low: Updated e2fsprogs service console package
sectrack 1019537
secunia
  • 27889
  • 27965
  • 27987
  • 28000
  • 28030
  • 28042
  • 28360
  • 28541
  • 28648
  • 29224
  • 32774
  • 40551
suse SUSE-SR:2007:025
ubuntu USN-555-1
vupen
  • ADV-2007-4135
  • ADV-2008-0761
  • ADV-2010-1796
xf e2fsprogs-libext2fs-integer-overflow(38903)
Last major update 30-10-2012 - 22:45
Published 07-12-2007 - 06:46
Last modified 15-10-2018 - 17:45
Back to Top