Mandriva Linux Security Advisory : pcre (MDVSA-2008:147)
High Nessus Plugin ID 36245
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionTavis Ormandy of the Google Security Team discovered a heap-based buffer overflow when compiling certain regular expression patterns.
This could be used by a malicious attacker by sending a specially crafted regular expression to an application using the PCRE library, resulting in the possible execution of arbitrary code or a denial of service (CVE-2008-2371).
The updated packages have been patched to correct this issue.
SolutionUpdate the affected packages.