CDRInfo Forum CDRInfo Forum

Forums  Register  Login  My Profile  Inbox  Address Book  My Subscription  My Forums 

Photo Gallery  Member List  Search  Calendars  FAQ  Ticket List  Log Out

More Big Security Holes In Linux!   Logged in as: Guest
Viewers: 729 You can click here to see Today's Posts | Most Active Topics | Posts Since Last Visit
  Printable Version
All Forums >> [News Around The Web] >> Linux News >> More Big Security Holes In Linux! Page: [1]
Message << Older Topic   Newer Topic >>
More Big Security Holes In Linux! - 9/9/2004 5:17:04 PM   

Posts: 12103
Joined: 7/4/2003
From: Melbourne, Victoria, AUS
Status: offline
Open-source developers have warned of serious security holes in two Linux components that could allow attackers to take over a system by tricking a user into viewing a specially crafted image file or opening an archive. Patches exist for the bugs, which affect LHA and imlib.

Imlib, a library for graphics-viewing applications used in the Gnome graphical user environment, contains a bug that could allow the execution of malicious code when a user views a specially crafted bit-map image file, according to Marcus Meissner of Novell Inc.'s Suse Linux. The vulnerability is due to a boundary error in the decoding of runlength-encoded bitmap images, which can be exploited to cause a buffer overflow, according to an advisory from Danish security firm Secunia, which maintains a vulnerabilities database.

Gentoo, MandrakeSoft SA and other Linux vendors have begun distributing fixes for the bug, and a patch is also available from the Gnome project. Imlib 1.x and imlib2 1.x are affected.

Source : InfoWorld
Post #: 1
Page:   [1]
All Forums >> [News Around The Web] >> Linux News >> More Big Security Holes In Linux! Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts

Forum Software © ASPPlayground.NET Advanced Edition 2.4.5 ANSI