blob: 5214bf2e44b982e6dc3415799aaf30d53bea90a3 [file] [log] [blame]
<?xml version="1.0" encoding="utf-8"?>
<glsa id="200809-15">
<title>GNU ed: User-assisted execution of arbitrary code</title>
A buffer overflow vulnerability in ed may allow for the remote execution of
arbitrary code.
<product type="ebuild">ed</product>
<announced>September 23, 2008</announced>
<revised>September 23, 2008: 01</revised>
<package name="sys-apps/ed" auto="yes" arch="*">
<unaffected range="ge">1.0</unaffected>
<vulnerable range="lt">1.0</vulnerable>
GNU ed is a basic line editor. red is a restricted version of ed that
does not allow shell command execution.
Alfredo Ortega from Core Security Technologies reported a heap-based
buffer overflow in the strip_escapes() function when processing overly
long filenames.
<impact type="normal">
A remote attacker could entice a user to process specially crafted
commands with ed or red, possibly resulting in the execution of
arbitrary code with the privileges of the user running the application.
There is no known workaround at this time.
All GNU ed users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=sys-apps/ed-1.0&quot;</code>
<uri link="">CVE-2008-3916</uri>
<metadata tag="requester" timestamp="Sun, 14 Sep 2008 11:31:13 +0000">
<metadata tag="submitter" timestamp="Thu, 18 Sep 2008 21:37:26 +0000">
<metadata tag="bugReady" timestamp="Thu, 18 Sep 2008 21:37:35 +0000">