LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Sponsored link

Vyatta – Linux & Open Source Alternative to Cisco – Advanced Routing, Firewall, VPN, QoS..
Free Download ->

Recent Features

LWN.net Weekly Edition for November 20, 2008

MinGW and why Linux users should care

LWN.net Weekly Edition for November 13, 2008

NLUUG/ELCE: Embedded devices and free software

The sad story of the em28xx driver

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

less: heap based buffer overflow

Package(s):less CVE #(s):CAN-2005-0086
Created:March 8, 2005 Updated:March 9, 2005
Description: Victor Ashik discovered a heap based buffer overflow in less, caused by a patch added to the less package in Red Hat Linux 9. An attacker could construct a carefully crafted file that could cause less to crash or possibly execute arbitrary code when opened.
Alerts:
Fedora-Legacy FLSA:2404 2005-03-07
(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds