CVE-2006-0224 Information

Description

Buffer overflow in Library of Assorted Spiffy Things (LibAST) 0.6.1 and earlier as used in Eterm and possibly other software allows local users to execute arbitrary code as the utmp user via a long -X command line argument (alternative configuration file name).

Reference

http://freshmeat.net/projects/libast/?branch_id=17907&release_id=217840 http://secunia.com/advisories/18586 http://secunia.com/advisories/18632 http://secunia.com/advisories/18916 http://securityreason.com/securityalert/373 http://www.debian.org/security/2006/dsa-976 http://www.gentoo.org/security/en/glsa/glsa-200601-14.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:029 http://www.osvdb.org/22735 http://www.rosiello.org/en/read_bugs.php?id=25 http://www.securityfocus.com/archive/1/423088/100/0/threaded http://www.securityfocus.com/archive/1/423207/100/0/threaded http://www.securityfocus.com/archive/1/423366/100/0/threaded http://www.securityfocus.com/bid/16350 http://www.vupen.com/english/advisories/2006/0314 https://exchange.xforce.ibmcloud.com/vulnerabilities/24303