Joined: 12 May 2004
|Posted: Tue Jun 01, 2010 9:26 pm Post subject: [ GLSA 201006-06 ] Transmission: Multiple vulnerabilities
|Gentoo Linux Security Advisory
Title: Transmission: Multiple vulnerabilities (GLSA 201006-06)
Date: June 01, 2010
Stack-based buffer overflows in Transmission may allow for remote execution
of arbitrary code.
Transmission is a cross-platform BitTorrent client.
Vulnerable: < 1.92
Unaffected: >= 1.92
Architectures: All supported architectures
Multiple stack-based buffer overflows in the tr_magnetParse() function
in libtransmission/magnet.c have been discovered.
A remote attacker could cause a Denial of Service or possibly execute
arbitrary code via a crafted magnet URL with a large number of tr or ws
There is no known workaround at this time.
All Transmission users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=net-p2p/transmission-1.92"
Last edited by GLSA on Thu Dec 05, 2013 4:29 am; edited 2 times in total