Lucene search

K
centosCentOS ProjectCESA-2008:0946
HistoryOct 21, 2008 - 4:07 p.m.

ed security update

2008-10-2116:07:40
CentOS Project
lists.centos.org
51

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.005

Percentile

75.4%

CentOS Errata and Security Advisory CESA-2008:0946

ed is a line-oriented text editor, used to create, display, and modify
text files (both interactively and via shell scripts).

A heap-based buffer overflow was discovered in the way ed, the GNU line
editor, processed long file names. An attacker could create a file with a
specially-crafted name that could possibly execute an arbitrary code when
opened in the ed editor. (CVE-2008-3916)

Users of ed should upgrade to this updated package, which contains
a backported patch to resolve this issue.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2008-October/077496.html
https://lists.centos.org/pipermail/centos-announce/2008-October/077497.html
https://lists.centos.org/pipermail/centos-announce/2008-October/077500.html
https://lists.centos.org/pipermail/centos-announce/2008-October/077501.html
https://lists.centos.org/pipermail/centos-announce/2008-October/077504.html
https://lists.centos.org/pipermail/centos-announce/2008-October/077506.html
https://lists.centos.org/pipermail/centos-announce/2008-October/077508.html
https://lists.centos.org/pipermail/centos-announce/2008-October/077510.html
https://lists.centos.org/pipermail/centos-announce/2008-October/077518.html
https://lists.centos.org/pipermail/centos-announce/2008-October/077519.html

Affected packages:
ed

Upstream details at:
https://access.redhat.com/errata/RHSA-2008:0946

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.005

Percentile

75.4%