Gentoo: 200305-03 Critical Advisory for Kopete Remote Exploit

gentoo

May 14, 2003

The GnuPG plugin in kopete before 0.6.2 does not properly cleanse the command line when executing gpg, which allows remote attackers to execute arbitrary commands.

Summary


GENTOO LINUX SECURITY ANNOUNCEMENT 200305-03


The GnuPG plugin in kopete before 0.6.2 does not properly cleanse the 
command line when executing gpg, which allows remote attackers to 
execute arbitrary commands.

SOLUTION

It is recommended that all Gentoo Linux users who are running
net-im/kopete upgrade to kopete-0.6.2 as follows:

emerge sync
emerge kopete
emerge clean

aliz@gentoo.org - GnuPG key is available at

Topics Covered

security advisory gentoo remote exploit critical command execution upgrade recommendation kopete

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Severity

critical

Lowest

Low

Medium

High

Critical

PACKAGE : kopete

SUMMARY : Unsafe command line cleansing

DATE : 2003-05-14 07:39 UTC

EXPLOIT : remote

VERSIONS AFFECTED : =kopete-0.6.2

CVE : CAN-2003-0256

Topics Covered

security advisory gentoo remote exploit critical command execution upgrade recommendation kopete

Gentoo: 200305-03 Critical Advisory for Kopete Remote Exploit

Summary

Topics Covered

Resolution

References

Availability

Concerns

Topics Covered

Synopsis

Background

Get the latest News and Insights

Affected Packages

Impact

Workaround

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Gentoo: 200305-03 Critical Advisory for Kopete Remote Exploit

Summary

Topics Covered

Resolution

References

Availability

Concerns

Topics Covered

Synopsis

Background

Get the latest News and Insights

Affected Packages

Impact

Workaround

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!