FrSIRT - Fedora Security Update Fixes Eggdrop Buffer Overflow Vulnerability / Exploit (Security Advisories)

French Security Incident Response Team

French

English

Fedora Security Update Fixes Eggdrop Buffer Overflow Vulnerability

Title : Fedora Security Update Fixes Eggdrop Buffer Overflow Vulnerability
Advisory ID : FrSIRT/ADV-2007-4161
CVE ID : CVE-2007-2807
Rated as : Moderate Risk

Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-12-11

Advisory Details

Description

Affected Products

Solution

References

Technical Description

A vulnerability has been identified in Fedora, which could be exploited by attackers to execute arbitrary code [...]

Solution

Upgrade the affected packages :

18f6c4b00662b8c6a0d835045a881c0300acdc56 eggdrop-1.6.18-12.fc7.ppc64.rpm
eb99368716d7b2fb485bd5f883f64543a9b5ea55 eggdrop-debuginfo-1.6.18-12.fc7.ppc64.rpm
44d43e8e878db26592df33d53f4f74506406c11d eggdrop-debuginfo-1.6.18-12.fc7.i386.rpm
8755277b184a0e10aeb7fe0fb19345ff95875ea8 eggdrop-1.6.18-12.fc7.i386.rpm
f481765603742285f4b93866ab56f44bb67ca586 eggdrop-1.6.18-12.fc7.x86_64.rpm
97dd5293d8fb8661e81a3558771a1f4fd4af5a24 eggdrop-debuginfo-1.6.18-12.fc7.x86_64.rpm
47db91f33ca9d863ed7c708cd527c49f9ddd9ae7 eggdrop-debuginfo-1.6.18-12.fc7.ppc.rpm
fc533d1b472a2eb3ec2c378548c1ae6f30df2aac eggdrop-1.6.18-12.fc7.ppc.rpm
e78d3bf442af8ca581b4a5cafd8d9e672b6b51fe eggdrop-1.6.18-12.fc7.src.rpm

08861fa855274d30b0874c14f7f8947d79127e39 eggdrop-1.6.18-12.fc8.ppc64.rpm
b26319b04fe09dee6889c4fa6bb873e8b09a02d4 eggdrop-debuginfo-1.6.18-12.fc8.ppc64.rpm
d40660b4ad71218f3a9adb41bbc1d4694d2216e5 eggdrop-1.6.18-12.fc8.i386.rpm
757fdd8b0a371e1610676c091d1d1d1fe797b764 eggdrop-debuginfo-1.6.18-12.fc8.i386.rpm
ce3f29150c90535a6239784ec09ab4ea2c55ba3d eggdrop-debuginfo-1.6.18-12.fc8.x86_64.rpm
a528c1da5ac268298945f71c3f0947b7e476f7b6 eggdrop-1.6.18-12.fc8.x86_64.rpm
58efe02414f0a1102aa34ef31c386bed9254babe eggdrop-debuginfo-1.6.18-12.fc8.ppc.rpm
93b31b9cb3abfc17cc671262ded8287e81414a75 eggdrop-1.6.18-12.fc8.ppc.rpm
7d9df77d72c09e276e6e18260016a9d49b6425e9 eggdrop-1.6.18-12.fc8.src.rpm

ChangeLog

2007-12-11 : Initial release

Vulnerability Management

Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.

Mailinglist

	Oracle Products Multiple Code Execution and Security Bypass Issues
	Oracle Products Command Execution and SQL Injection Vulnerabilities
	Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities
	Oracle Database "PITRIG_DROPMETADATA" Buffer Overflow Vulnerability
	Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities
	Oracle JInitiator ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities
	Oracle Products Multiple Remote Command Execution and SQL Injection Vulnerabilities

	Cisco PIX and ASA Information Disclosure and DoS Vulnerabilities
	Cisco Secure ACS EAP Remote Denial Of Service Vulnerability
	Cisco Products Remote DNS Cache Poisoning Vulnerability
	Cisco Wide Area Application Services CUPS Remote Vulnerability
	Cisco UCM Denial of Service and Authentication Bypass Vulnerabilities
	Cisco Intrusion Prevention System Jumbo Frame Vulnerability
	Cisco VPN Client Deterministic Network Enhancer Privilege Escalation

	Apple Mac OS X Code Execution and Security Bypass Vulnerabilities
	Apple iPhone and iPod touch Multiple Code Execution Vulnerabilities
	Apple Xcode Code Execution and Information Disclosure Vulnerabilities
	Apple TV Data Processing Remote Code Execution Vulnerabilities
	Apple Mac OS X Command Execution and Security Bypass Issues
	Apple Safari for Mac OS X Remote Code Execution Vulnerability
	Apple Mac OS X ARDAgent Local Privilege Escalation Vulnerability