Pair Of Linux Holes Put Users At Risk

KingFishKingFish
edited September 2004 in Science & Tech
Linux users are at risk from serious security vulnerabilities in components used to view graphics and handle archives, according to researchers. The security holes, found in the imlib graphics library and the LHA archive tool, can be exploited via a specially crafted bitmap image or an LHarc-format archive to take over a Linux system.
The GNOME graphical user interface project this week released a patch for imlib, a basic library used in many image-viewing applications. The bug was first identified late last month by Novell SuSE Linux's Marcus Meissner, but was not thought to be serious. Later, developers realized the problem could be exploited to cause a buffer overflow and execute malicious code if a user viewed a graphic in any imlib-based application, for example a Web browser. Imlib 1.x and imlib2 1.x are affected, researchers said. MandrakeSoft, Gentoo and other Linux vendors are releasing patches for the flaw.
Source: eWeek
Sign In or Register to comment.