Users of freeciv please be advised of a command execution vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
MDVSA-2010:205: [MDVSA-2010:205] freeciv command execution
Problem Description:
A vulnerability was discovered and corrected in freeciv:
freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to
read arbitrary files or execute arbitrary commands via scenario
that contains Lua functionality, related to the (1) os, (2) io, (3)
package, (4) dofile, (5) loadfile, (6) loadlib, (7) module, and (8)
require modules or functions (CVE-2010-2445).
Read more at www.criticalwatch.com
See this Amp at http://bit.ly/cOfed7
No comments:
Post a Comment