Synopsis: Low: cpio security and bug fix update
Issue date: 2007-05-01
CVE Names: CVE-2005-4268
A buffer overflow was found in cpio on 64-bit platforms. By tricking a
user into adding a specially crafted large file to a cpio archive, a local
attacker may be able to exploit this flaw to execute arbitrary code with
the target user's privileges. (CVE-2005-4268)
SRPMS:
cpio-2.5-13.RHEL4.src.rpm
i386:
cpio-2.5-13.RHEL4.i386.rpm
x86_64:
cpio-2.5-13.RHEL4.x86_64.rpm
-Connie Sieh
-Troy Dawson