Gentoo Security Advisory GLSA 200603-12 (zoo) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 200603-12.

Solution

All zoo users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-arch/zoo-2.10-r2' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200603-12 http://bugs.gentoo.org/show_bug.cgi?id=125622 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183426

Insight

A buffer overflow in zoo may be exploited to execute arbitrary when creating archives of specially crafted directories and files.

Severity

Classification

CVE CVE-2006-1269
CVSS Base Score: 6.2
AV:L/AC:H/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Gentoo Security Advisory GLSA 200402-04 (Gallery)
Gentoo Security Advisory GLSA 200412-05 (mirrorselect)
Gentoo Security Advisory GLSA 200502-13 (Perl)
Gentoo Security Advisory GLSA 200502-16 (htdig)
Gentoo Security Advisory GLSA 200312-08 (cvs)

Take action and discover your vulnerabilities