Package(s):	libast	CVE #(s):	CVE-2006-0224
Created:	January 30, 2006	Updated:	February 15, 2006
Description:	Michael Jennings discovered an exploitable buffer overflow in the configuration engine of LibAST. The vulnerability can be exploited to gain escalated privileges if the application using LibAST is setuid/setgid and passes a specifically crafted filename to LibAST's configuration engine.
Alerts:	Debian DSA-976-1 libast 2006-02-15 Mandriva MDKSA-2006:029 libast 2006-02-02 Gentoo 200601-14 libast 2006-01-29

---

to post comments