CentOS Update For Ed CESA-2008:0946 Centos4 I386 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

ed is a line-oriented text editor, used to create, display, and modify text files (both interactively and via shell scripts). A heap-based buffer overflow was discovered in the way ed, the GNU line editor, processed long file names. An attacker could create a file with a specially-crafted name that could possibly execute an arbitrary code when opened in the ed editor. (CVE-2008-3916) Users of ed should upgrade to this updated package, which contains a backported patch to resolve this issue.

Affected

ed on CentOS 4

References

http://lists.centos.org/pipermail/centos-announce/2008-October/015357.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-3916
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

CentOS Security Advisory CESA-2009:0430 (xpdf)
CentOS Security Advisory CESA-2009:1185 (seamonkey)
CentOS Security Advisory CESA-2009:1178 (python)
CentOS Security Advisory CESA-2009:0326 (kernel)
CentOS Security Advisory CESA-2009:0333-01 (libpng)

CentOS Update for ed CESA-2008:0946 centos4 i386

Take action and discover your vulnerabilities