Libnids contains a bug which could allow remote code execution.
|Package||net-libs/libnids on all architectures|
|Affected versions||<= 1.17|
|Unaffected versions||>= 1.18|
Libnids is a component of a network intrusion detection system.
There is a bug in the part of libnids code responsible for TCP reassembly. The flaw probably allows remote code execution.
A remote attacker could possibly execute arbitrary code.
There is no known workaround at this time.
It is recommended that all Gentoo Linux users who are running net-libs/libnids update their systems as follows:
# emerge sync # emerge -pv '>=net-libs/libnids-1.18' # emerge '>=net-libs/libnids-1.18' # emerge clean
November 22, 2003
November 22, 2003: 01