Gentoo: monopd buffer overflow vulnerability
Posted by LinuxSecurity.com Team   
Gentoo A buffer overflow exist in the messaging framework which would allow a remote user to execute commands as the user running the game server.

- --------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200301-5
- --------------------------------------------------------------------

PACKAGE : monopd
SUMMARY : buffer overflow
DATE    : 2003-01-06 12:01 UTC
EXPLOIT : remote

- --------------------------------------------------------------------

A buffer overflow exist in the messaging framework which would allow
a remote user to execute commands as the user running the game server.

More information is available at 
http://www.securitytracker.com/alerts/2002/Dec/1005856.html

SOLUTION

It is recommended that all Gentoo Linux users who are running
app-games/monopd-0.4.3-r1 or earlier update their systems as
follows:

emerge rsync
emerge monopd
emerge clean

- --------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at www.gentoo.org/~aliz
hannes@gentoo.org
- --------------------------------------------------------------------