March 8, 2002

Security update to mod_frontpage

Author: JT Smith

LWN.net has the Mandrake notice: "A problem was found in versions of improved mod_frontpage prior to
1.6.1 regarding a lack of boundary checks in fpexec.c. This means that
the suid root binary is exploitable for buffer overflows. This could
be exploited by remote attackers to execute arbitrary code on the
server with superuser privileges. Although there are no known exploits
available, if you use mod_frontpage you are strongly encouraged to
upgrade."

Category:

  • Linux
Click Here!