243242 – sys-apps/ed-1.0 (CVE-2008-3916)

Bug 243242 - sys-apps/ed-1.0 (CVE-2008-3916)

Summary: sys-apps/ed-1.0 (CVE-2008-3916)

Status:	RESOLVED DUPLICATE of bug 236521

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Low trivial (vote)
Assignee:	Gentoo Security

URL:	http://rhn.redhat.com/errata/RHSA-200...
Whiteboard:	B4 [ebuild]
Keywords:

Depends on:
Blocks:

Reported:	2008-10-22 16:39 UTC by Stefan Behte (RETIRED)
Modified:	2008-10-22 16:42 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Stefan Behte (RETIRED) gentoo-dev

2008-10-22 16:39:23 UTC

ed is a line-oriented text editor, used to create, display, and modify
text files (both interactively and via shell scripts).

A heap-based buffer overflow was discovered in the way ed, the GNU line
editor, processed long file names. An attacker could create a file with a
specially-crafted name that could possibly execute an arbitrary code when
opened in the ed editor. (CVE-2008-3916)


IMHO: very unlikely to be exploited.

Comment 1 Stefan Behte (RETIRED) gentoo-dev

2008-10-22 16:42:05 UTC

D'oh. Sorry!


*** This bug has been marked as a duplicate of bug 236521 ***