gdb 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.
문서번호 : 1130679386
업데이트 : 2005.10.30
상세내용
CAN-2005-1704:
Integer overflow in the Binary File Descriptor (BFD) library for gdb
before 6.3, binutils, elfutils, and possibly other packages, allows
user-complicit attackers to execute arbitrary code via a crafted
object file that specifies a large number of section headers, leading
to a heap-based buffer overflow.
CAN-2005-1705:
gdb before 6.3 searches the current working directory to load the .gdbinit
configuration file, which allows local users to execute arbitrary commands
as the user running gdb.
Autoupdates 지원 : 지원
update 패키지
RPMS :
. gdb-5.3.90-1.i686.rpm
SRPMS :
. gdb-5.3.90-1.src.rpm
참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1704
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1705
|