blob: e0cffee1a59a0585239547331732ebd8980072ff [file] [log] [blame]
<?xml version="1.0" encoding="utf-8"?>
<glsa id="200501-01">
<title>LinPopUp: Buffer overflow in message reply</title>
LinPopUp contains a buffer overflow potentially allowing execution of
arbitrary code.
<product type="ebuild">Linpopup</product>
<announced>January 04, 2005</announced>
<revised>January 04, 2005: 01</revised>
<package name="net-im/linpopup" auto="yes" arch="*">
<unaffected range="ge">2.0.4-r1</unaffected>
<vulnerable range="lt">2.0.4-r1</vulnerable>
LinPopUp is a graphical application that acts as a frontend to
Samba client messaging functions, allowing a Linux desktop to
communicate with a Microsoft Windows computer that runs Winpopup.
Stephen Dranger discovered that LinPopUp contains a buffer
overflow in string.c, triggered when replying to a remote user message.
<impact type="normal">
A remote attacker could craft a malicious message that, when
replied using LinPopUp, would exploit the buffer overflow. This would
result in the execution of arbitrary code with the privileges of the
user running LinPopUp.
There is no known workaround at this time.
All LinPopUp users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=net-im/linpopup-2.0.4-r1&quot;</code>
<uri link="">CAN-2004-1282</uri>
<uri link="">Stephen Dranger Advisory</uri>
<metadata tag="requester" timestamp="Fri, 31 Dec 2004 10:20:27 +0000">
<metadata tag="submitter" timestamp="Sat, 1 Jan 2005 22:08:20 +0000">
<metadata tag="bugReady" timestamp="Sat, 1 Jan 2005 22:15:30 +0000">