|Category:||Red Hat Local Security Checks|
|Title:||RedHat Security Advisory RHSA-2007:0469|
The remote host is missing updates announced in
GDB, the GNU debugger, allows debugging of programs written in C, C++, and
other languages by executing them in a controlled fashion and then printing
Various buffer overflows and underflows were found in the DWARF expression
computation stack in GDB. If an attacker could trick a user into loading
an executable containing malicious debugging information into GDB, they may
be able to execute arbitrary code with the privileges of the user.
This updated package also addresses the following issues:
* Support on 64-bit hosts shared libraries debuginfo larger than 2GB.
* Fix a race occasionally leaving the detached processes stopped.
* Fix segmentation fault on the source display by ^X 1.
* Fix a crash on an opaque type dereference.
All users of gdb should upgrade to this updated package, which contains
backported patches to resolve these issues.
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date
Risk factor : High
Common Vulnerability Exposure (CVE) ID: CVE-2006-4146|
BugTraq ID: 19802
SGI Security Advisory: 20070602-01-P
|Copyright||Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com|
|This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.