cscope 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.
문서번호 : 1246387044
업데이트 : 2009.07.01
상세내용
- 보안버그 수정 사항
. CVE-2004-2541
Buffer overflow in Cscope 15.5, and possibly multiple overflows, allows remote
attackers to execute arbitrary code via a C file with a long #include line that
is later browsed by the target.
. CVE-2009-0148
Multiple buffer overflows in Cscope before 15.7a allow remote attackers to
execute arbitrary code via long strings in input such as (1) source-code
tokens and (2) pathnames, related to integer overflows in some cases.
NOTE: this issue exists because of an incomplete fix for CVE-2004-2541.
Autoupdates 지원 : 지원안함
pkgadd -F 'cscope'
update 패키지
RPMS :
. cscope-15.5-15.1.1.i686.rpm
SRPMS :
. cscope-15.5-15.1.1.src.rpm
참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2541
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0148
|