CentOS Update For Ed CESA-2008:0946-01 Centos2 I386 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

ed is a line-oriented text editor, used to create, display, and modify text files (both interactively and via shell scripts). A heap-based buffer overflow was discovered in the way ed, the GNU line editor, processed long file names. An attacker could create a file with a specially-crafted name that could possibly execute an arbitrary code when opened in the ed editor. (CVE-2008-3916) Users of ed should upgrade to this updated package, which contains a backported patch to resolve this issue.

Affected

ed on CentOS 2

References

http://lists.centos.org/pipermail/centos-announce/2008-October/015337.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-3916

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

CentOS Security Advisory CESA-2009:1205 (httpd)
CentOS Security Advisory CESA-2009:1459 (cyrus-imapd)
CentOS Security Advisory CESA-2009:1060 (pidgin)
CentOS Security Advisory CESA-2009:1101 (cscope)
CentOS Security Advisory CESA-2009:123 (gnutls)

CentOS Update for ed CESA-2008:0946-01 centos2 i386

Take action and discover your vulnerabilities