|Category:||Red Hat Local Security Checks|
|Title:||RedHat Security Advisory RHSA-2008:0946|
The remote host is missing updates announced in
ed is a line-oriented text editor, used to create, display, and modify
text files (both interactively and via shell scripts).
A heap-based buffer overflow was discovered in the way ed, the GNU line
editor, processed long file names. An attacker could create a file with a
specially-crafted name that could possibly execute an arbitrary code when
opened in the ed editor. (CVE-2008-3916)
Users of ed should upgrade to this updated package, which contains
a backported patch to resolve this issue.
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date
Risk factor : Critical
Common Vulnerability Exposure (CVE) ID: CVE-2008-3916|
BugTraq ID: 30815
Bugtraq: 20090227 VMSA-2009-0003 ESX 2.5.5 patch 12 updates service console package ed (Google Search)
SuSE Security Announcement: SUSE-SR:2011:002 (Google Search)
XForce ISS Database: gnued-stripescapes-bo(44643)
|Copyright||Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com|
|This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.