VUPEN Security - Fedora Security Update Fixes GNU Texinfo Texindex Buffer Overflow Vulnerability / Exploit (Security Advisories)

	Contact \| Site en Français

Vulnerabilities & Threats

VUPEN Security Advisories

Linux Security Advisories

Malware Advisories

Security Research

Threat Watch Blog

Zero-Day Monitor

Search Engine

Mailing List & RSS

>> Fedora Security Update Fixes GNU Texinfo Texindex Buffer Overflow Vulnerability

Title : Fedora Security Update Fixes GNU Texinfo Texindex Buffer Overflow Vulnerability
VUPEN ID : VUPEN/ADV-2006-4440
CVE ID : CVE-2006-4810
Rated as : Low Risk

Remotely Exploitable : No
Locally Exploitable : Yes
Release Date : 2006-11-10

Technical Description

Receive VUPEN Security alerts in a Text format

Receive VUPEN Security alerts in a PDF format

Receive VUPEN Security alerts in an XML format

Receive VUPEN Security notifications by SMS

Fedora has released updated packages to address a vulnerability identified in GNU Texinfo. This flaw could be exploited by attackers to execute arbitrary commands. For additional information, see : VUPEN/ADV-2006-4412

Affected Products

Fedora Core 6
Fedora Core 5

Solution

Upgrade the affected packages :

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

f5188899ac422e27dc33976295fb48a8c827ac0d SRPMS/texinfo-4.8-9.2.fc5.2.src.rpm
f5188899ac422e27dc33976295fb48a8c827ac0d noarch/texinfo-4.8-9.2.fc5.2.src.rpm
cfaf7a4324443d9feb2ae31c31d407360b10ef44 ppc/info-4.8-9.2.fc5.2.ppc.rpm
66f95c0648807b995ba8240f52d4302d1b457b97 ppc/texinfo-4.8-9.2.fc5.2.ppc.rpm
fcb275cd9b379dcd0556e6c9ea53d839e3d8ffd8 ppc/debug/texinfo-debuginfo-4.8-9.2.fc5.2.ppc.rpm
ebdd0b5a1422a15a29a6a16b4558fed2b72d29bc x86_64/debug/texinfo-debuginfo-4.8-9.2.fc5.2.x86_64.rpm
54f1f135f13c5d676eb84cc7a48d4834f1c2bf8a x86_64/texinfo-4.8-9.2.fc5.2.x86_64.rpm
97b1c71f6fa358102c199cb871edc6c10d85b3a9 x86_64/info-4.8-9.2.fc5.2.x86_64.rpm
759ed6ff389e0dccdf1a4690fd66f24a788807f1 i386/info-4.8-9.2.fc5.2.i386.rpm
d90f611c6a627b4e4a6cf5189b29693dcb34c54c i386/debug/texinfo-debuginfo-4.8-9.2.fc5.2.i386.rpm
a916c07b423998805a98ec2402112fdd70543428 i386/texinfo-4.8-9.2.fc5.2.i386.rpm

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

ff4f6fdfe252031027249a0876907b07fa2ed623 SRPMS/texinfo-4.8-14.fc6.src.rpm
ff4f6fdfe252031027249a0876907b07fa2ed623 noarch/texinfo-4.8-14.fc6.src.rpm
927d61dd8b625b8cbc7c59863d38e3ac1dca58d4 ppc/debug/texinfo-debuginfo-4.8-14.fc6.ppc.rpm
48b36e3701fa9edef36d65ea302560fc34a0ce78 ppc/texinfo-4.8-14.fc6.ppc.rpm
618fbbd10e1b41984d1211df5cce50851e4cdc23 ppc/texinfo-tex-4.8-14.fc6.ppc.rpm
c90758684f2477d39339e613115c1f5cfae8a858 ppc/info-4.8-14.fc6.ppc.rpm
7ab901ef95087fbaa4e9af3dd244631cb025d1dd x86_64/texinfo-4.8-14.fc6.x86_64.rpm
2954f9dbecf9693b56399eab5b1dca91b7069bdb x86_64/info-4.8-14.fc6.x86_64.rpm
45a9100f1c1de7082d1ac170d74a50b460f234c8 x86_64/debug/texinfo-debuginfo-4.8-14.fc6.x86_64.rpm
161a7e402e1b3e8fa48d0a2d1614a201878b7e79 x86_64/texinfo-tex-4.8-14.fc6.x86_64.rpm
6f474823eb6309da1abe0d72bc4c207ba95a641d i386/info-4.8-14.fc6.i386.rpm
dabc49568736ff1762cf8ead87009434c892a7f7 i386/texinfo-4.8-14.fc6.i386.rpm
0555e95a3344612edb858270756ee7849f9c4872 i386/debug/texinfo-debuginfo-4.8-14.fc6.i386.rpm
96c2266e0fc2c6a82b8f6f43cc16b646db2ec848 i386/texinfo-tex-4.8-14.fc6.i386.rpm

References

http://www.vupen.com/english/advisories/2006/4440
https://www.redhat.com/archives/fedora-package-announce/2006-November/msg00067.html
https://www.redhat.com/archives/fedora-package-announce/2006-November/msg00068.html

ChangeLog

2006-11-10 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.

Vulnerability Alerting

Free 14-Day Trial

Latest News

>> 2009-06-10

VUPEN Security Research
Discovered Critical Flaws
in Adobe Acrobat and MS
Office Word

>> 2009-06-02

VUPEN Security Research
Discovered Critical Flaws
in ACDSee Products

>> 2009-05-22

VUPEN Discovered Two
Critical Vulnerabilities in
Novell GroupWise 8 / 7

>> 2009-05-12

Microsoft Patched 14
Office PowerPoint Flaws

>> 2009-04-28

Adobe Reader / Acrobat
Vulnerabilities Disclosed

More Informations