
Test ID:
Category: Red Hat Local Security Checks
Title: RedHat Security Advisory RHSA-2008:0003

The remote host is missing updates announced in
advisory RHSA-2008:0003.

The e2fsprogs packages contain a number of utilities for creating,
checking, modifying, and correcting any inconsistencies in second and third
extended (ext2/ext3) file systems.

Multiple integer overflow flaws were found in the way e2fsprogs processes
file system content. If a victim opens a carefully crafted file system with
a program using e2fsprogs, it may be possible to execute arbitrary code
with the permissions of the victim. It may be possible to leverage this
flaw in a virtualized environment to gain access to other virtualized
hosts. (CVE-2007-5497)

Red Hat would like to thank Rafal Wojtczuk of McAfee Avert Research for
responsibly disclosing these issues.

Users of e2fsprogs are advised to upgrade to these updated packages, which
contain a backported patch to resolve these issues.

Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

Risk factor : High

CVSS Score:

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2007-5497
BugTraq ID: 26772
Bugtraq: 20080212 FLEA-2008-0005-1 e2fsprogs
Bugtraq: 20080303 VMSA-2008-0004 Low: Updated e2fsprogs service console package
Debian Security Information: DSA-1422
HPdes Security Advisory: HPSBMA02554
HPdes Security Advisory: SSRT100018
SuSE Security Announcement: SUSE-SR:2007:025
XForce ISS Database: e2fsprogs-libext2fs-integer-overflow(38903)

Copyright: Copyright (c) 2008 E-Soft Inc.
