what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2007-5497

Status Candidate

Overview

Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image.

Related Files

VMware Security Advisory 2008-0004
Posted Mar 3, 2008
Authored by VMware | Site vmware.com

VMware Security Advisory - An updated service console package for e2fsprogs has been released for ESX Server versions 2.5.5 and 2.5.4.

tags | advisory
advisories | CVE-2007-5497
SHA-256 | f93228329d722fd07502d80cfef49213e5058226a673deb79b8e6fe003e8223f
Gentoo Linux Security Advisory 200712-13
Posted Dec 19, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200712-13 - Rafal Wojtczuk (McAfee AVERT Research) discovered multiple integer overflows in libext2fs, that are triggered when processing information from within the file system, resulting in heap-based buffer overflows. Versions less than 1.40.3 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-5497
SHA-256 | 866e971b4563493024e7b10169ebf99b0e82378c7b6183789c237eb34e4d5b9a
Mandriva Linux Security Advisory 2007.242
Posted Dec 11, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Rafal Wojtczuk of McAfee AVERT Research found that e2fsprogs contained multiple integer overflows in memory allocations, based on sizes taken directly from filesystem information. These flaws could result in heap-based overflows potentially allowing for the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2007-5497
SHA-256 | 071701c0fabaad2f7c1bfdd0ccd4270b11700f8a922c419067def121bde606d8
Ubuntu Security Notice 555-1
Posted Dec 8, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 555-1 - Rafal Wojtczuk discovered multiple integer overflows in e2fsprogs. If a user or automated system were tricked into fscking a malicious ext2/ext3 filesystem, a remote attacker could execute arbitrary code with the user's privileges.

tags | advisory, remote, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2007-5497
SHA-256 | e7a11d56eb3e99043e5335502f1292778fc1e5560a03ee905de6011562eb3507
Debian Linux Security Advisory 1422-1
Posted Dec 8, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1422-1 - Rafal Wojtczuk of McAfee AVERT Research discovered that e2fsprogs, ext2 file system utilities and libraries, contained multiple integer overflows in memory allocations, based on sizes taken directly from filesystem information. These could result in heap-based overflows potentially allowing the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2007-5497
SHA-256 | 39ac95b7fdbd4ff9c4b3c21faf0562cfc7d992c5a75ee9b7bd0f228404fec8e0
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close