- Advisory ID
- Betroffene Versionen
- 9.2 i586
Paul Herman discovered a format string vulnerability in tripwire that could allow a local user to execute arbitrary code with the rights of the user running tripwire (typically root). This vulnerability only exists when tripwire is generating an email report. Update: The packages previously released for Mandrakelinux 9.2 would segfault when doing a check due to compilation problems. The updated packages correct the problem.
41dc4b726c3538ce29ff43cc21dce2d7 9.2/RPMS/tripwire-22.214.171.124-7.2.92mdk.i586.rpm 5e57f7157f206ff20a8a1d425734c84e 9.2/SRPMS/tripwire-126.96.36.199-7.2.92mdk.src.rpm