FreeBSD : yamt -- buffer overflow and directory traversal issues (99b5cfa5-d3d2-11d9-8ffb-00061bc2ad93)
High Nessus Plugin ID 19046
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionStanislav Brabec discovered errors in yamt's path name handling that lead to buffer overflows and directory traversal issues. When processing a file with a maliciously crafted ID3 tag, yamt might overwrite arbitrary files or possibly execute arbitrary code.
The SuSE package ChangeLog contains :
- Several security fixes (#49337) :
- directory traversal in rename
- directory traversal in sort
- buffer overflow in sort
- buffer overflow in rename
SolutionUpdate the affected package.