CVE-2008-4575 Information

Description

Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause a denial of service (crash) via (1) a long -cmd argument and (2) unspecified vectors related to \a bunch of potential string overflows.\

Reference

http://secunia.com/advisories/32363 http://www.openwall.com/lists/oss-security/2008/10/15/6 http://www.securityfocus.com/bid/31770 http://www.sentex.net/~mwandel/jhead/changes.txt https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020 https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00511.html https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00531.html