Gentoo: lcdproc remote code execution vulnerability
Posted by LinuxSecurity.com Team   
Gentoo The vulnerabilities in LCDproc allow an attacker to remotely execute arbitrary code or cause the LCDproc server to crash.

- --------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200301-7
- --------------------------------------------------------------------

PACKAGE : lcdproc
SUMMARY : remote code execution
DATE    : 2003-01-07 21:01 UTC
EXPLOIT : remote

- --------------------------------------------------------------------

From advisory:

"The vulnerabilities in LCDproc allow an attacker to remotely execute
arbitrary code or cause the LCDproc server to crash."

Read the full advisory at 
http://online.securityfocus.com/archive/1/56411

SOLUTION

It is recommended that all Gentoo Linux users who are running
app-misc/lcdproc-0.4.1-r1 or earlier update their systems as
follows:

emerge rsync
emerge lcdproc
emerge clean

- --------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at www.gentoo.org/~aliz
- --------------------------------------------------------------------