MDKSA-2000:049

Package name

eject

Date

2000-09-14

Advisory ID

MDKSA-2000:049

Affected versions

6.1 i586 , 6.0 i586 , 7.0 i586 , 7.1 i586

Problem description

The eject program contains severable exploitable buffers which can be overflowed by local users and exposing root privileges. However, this can only be exploited if eject is setuid root. Linux-Mandrake does not ship eject setuid root and is therefore not vulnerable to this problem.

Updated packages

6.1 i586

 na 6.1/RPMS/na

6.0 i586

 na 6.0/RPMS/na

7.0 i586

 na 7.0/RPMS/na

7.1 i586

 na 7.1/RPMS/na