From 4f2d7949f03e1c198bc888f2d05f421d35c57e21 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Mon, 9 Oct 2017 18:53:29 +0100 Subject: reinit the tree, so we can have metadata --- metadata/glsa/glsa-200610-12.xml | 63 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) create mode 100644 metadata/glsa/glsa-200610-12.xml (limited to 'metadata/glsa/glsa-200610-12.xml') diff --git a/metadata/glsa/glsa-200610-12.xml b/metadata/glsa/glsa-200610-12.xml new file mode 100644 index 000000000000..8f89b31d658d --- /dev/null +++ b/metadata/glsa/glsa-200610-12.xml @@ -0,0 +1,63 @@ + + + + Apache mod_tcl: Format string vulnerability + + A format string vulnerabilty has been found in Apache mod_tcl, which could + lead to the remote execution of arbitrary code. + + mod_tcl + 2006-10-24 + 2006-10-24: 01 + 151359 + remote + + + 1.0.1 + 1.0.1 + + + +

+ Apache mod_tcl is a TCL interpreting module for the Apache 2.x web + server. +

+ + +

+ Sparfell discovered format string errors in calls to the set_var + function in tcl_cmds.c and tcl_core.c. +

+ + +

+ A remote attacker could exploit the vulnerability to execute arbitrary + code with the rights of the user running the Apache server. +

+ + +

+ There is no known workaround at this time. +

+ + +

+ All mod_tcl users should upgrade to the latest version: +

+ + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-apache/mod_tcl-1.0.1" + + + CVE-2006-4154 + + + falco + + + falco + + + vorlon078 + + -- cgit v1.2.3