CVE-2008-1628

Published: 2 April 2008

Stack-based buffer overflow in the audit_log_user_command function in lib/audit_logging.c in Linux Audit before 1.7 might allow remote attackers to execute arbitrary code via a long command argument. NOTE: some of these details are obtained from third party information.

Priority

Status

Package	Release	Status
audit Launchpad, Ubuntu, Debian	dapper	Does not exist
	edgy	Does not exist
	feisty	Does not exist
	gutsy	Released (1.5.4-0ubuntu1.1)
	hardy	Released (1.6.5-0ubuntu3)
	upstream	Needs triage
	Patches: debdiff: https://bugs.launchpad.net/ubuntu/gutsy/+source/audit/+bug/216117

References

https://www.cve.org/CVERecord?id=CVE-2008-1628
NVD
Launchpad
Debian

Bugs

https://bugs.launchpad.net/ubuntu/+source/audit/+bug/216117

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›