Mandrake Linux Security Advisory : libxml/libxml2 (MDKSA-2004:127)
Critical Nessus Plugin ID 15638
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionMultiple buffer overflows were reported in the libxml XML parsing library. These vulnerabilities may allow remote attackers to execute arbitrary code via a long FTP URL that is not properly handled by the xmlNanoFTPScanURL() function, a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy() function, and other overflows in the code that resolves names via DNS.
The updated packages have been patched to prevent these issues.
SolutionUpdate the affected packages.