
CVE-2005-4268

Buffer overflow in cpio 2.6-8.FC4 on 64-bit platforms, when creating a cpio archive, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a file whose size is represented by more than 8 digits.

Details Source

Mitre

Statement

This issue was addressed in Red Hat Enterprise Linux 4 via https://rhn.redhat.com/errata/RHSA-2007-0245.html and in Red Hat Enterprise Linux 3 via https://rhn.redhat.com/errata/RHSA-2010-0145.html.

Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

Public Date

2005-11-07 00:00:00

Impact

Low

Bugzilla

CVE-2005-4268 cpio large filesize buffer overflow

Bugzilla ID

229 191

CVSS Status

draft

Red Hat Security Errata

Platform                            Errata          Release Date
Red Hat Enterprise Linux 4 (cpio)   RHSA-2007:0245  2007-05-01
Red Hat Enterprise Linux 3 (cpio)   RHSA-2010:0145  2010-03-16