Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2006-0224

Buffer overflow in Library of Assorted Spiffy Things (LibAST) 0.6.1 and earlier, as used in Eterm and possibly other software, allows local users to execute arbitrary code as the utmp user via a long -X command line argument (alternative configuration file name).

Related bugs and status

CVE-2006-0224 (Candidate) is related to these bugs:

Bug #29464: Buffer overflow in conf.c

Summary				In	Importance	Status
	29464	Buffer overflow in conf.c		libast (Ubuntu)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

BID: 16350
MISC: http://www.rosiello.or...
GENTOO: GLSA-200601-14
SECUNIA: 18586
SECUNIA: 18632
DEBIAN: DSA-976
OSVDB: 22735
SECUNIA: 18916
SREASON: 373
MANDRIVA: MDKSA-2006:029
VUPEN: ADV-2006-0314
CONFIRM: http://freshmeat.net/p...
XF: eterm-libast-filename-...
BUGTRAQ: 20060123 [ Rosiello Se...
BUGTRAQ: 20060123 LibAST 0.7 Re...
BUGTRAQ: 20060125 Rosiello Secu...