CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
75.4%
CentOS Errata and Security Advisory CESA-2008:0946
ed is a line-oriented text editor, used to create, display, and modify
text files (both interactively and via shell scripts).
A heap-based buffer overflow was discovered in the way ed, the GNU line
editor, processed long file names. An attacker could create a file with a
specially-crafted name that could possibly execute an arbitrary code when
opened in the ed editor. (CVE-2008-3916)
Users of ed should upgrade to this updated package, which contains
a backported patch to resolve this issue.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2008-October/077496.html
https://lists.centos.org/pipermail/centos-announce/2008-October/077497.html
https://lists.centos.org/pipermail/centos-announce/2008-October/077500.html
https://lists.centos.org/pipermail/centos-announce/2008-October/077501.html
https://lists.centos.org/pipermail/centos-announce/2008-October/077504.html
https://lists.centos.org/pipermail/centos-announce/2008-October/077506.html
https://lists.centos.org/pipermail/centos-announce/2008-October/077508.html
https://lists.centos.org/pipermail/centos-announce/2008-October/077510.html
https://lists.centos.org/pipermail/centos-announce/2008-October/077518.html
https://lists.centos.org/pipermail/centos-announce/2008-October/077519.html
Affected packages:
ed
Upstream details at:
https://access.redhat.com/errata/RHSA-2008:0946
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 3 | i386 | ed | < 0.2-33.30E.1 | ed-0.2-33.30E.1.i386.rpm |
CentOS | 3 | x86_64 | ed | < 0.2-33.30E.1 | ed-0.2-33.30E.1.x86_64.rpm |
CentOS | 5 | x86_64 | ed | < 0.2-39.el5_2 | ed-0.2-39.el5_2.x86_64.rpm |
CentOS | 5 | i386 | ed | < 0.2-39.el5_2 | ed-0.2-39.el5_2.i386.rpm |
CentOS | 3 | ia64 | ed | < 0.2-33.30E.1 | ed-0.2-33.30E.1.ia64.rpm |
CentOS | 4 | ia64 | ed | < 0.2-36.c4.1 | ed-0.2-36.c4.1.ia64.rpm |
CentOS | 3 | s390 | ed | < 0.2-33.30E.1 | ed-0.2-33.30E.1.s390.rpm |
CentOS | 3 | s390x | ed | < 0.2-33.30E.1 | ed-0.2-33.30E.1.s390x.rpm |
CentOS | 4 | s390 | ed | < 0.2-36.c4.1 | ed-0.2-36.c4.1.s390.rpm |
CentOS | 4 | s390x | ed | < 0.2-36.c4.1 | ed-0.2-36.c4.1.s390x.rpm |