Libnids contains a bug which could allow remote code execution.
Package | net-libs/libnids on all architectures |
---|---|
Affected versions | <= 1.17 |
Unaffected versions | >= 1.18 |
Libnids is a component of a network intrusion detection system.
There is a bug in the part of libnids code responsible for TCP reassembly. The flaw probably allows remote code execution.
A remote attacker could possibly execute arbitrary code.
There is no known workaround at this time.
It is recommended that all Gentoo Linux users who are running net-libs/libnids update their systems as follows:
# emerge sync # emerge -pv '>=net-libs/libnids-1.18' # emerge '>=net-libs/libnids-1.18' # emerge clean
Release date
November 22, 2003
Latest revision
November 22, 2003: 01
Severity
normal
Exploitable
remote
Bugzilla entries