VULHUB ™

SuSE Security Advisory - A vulnerability has been found in the ncurses library, which is used by many text based applications. Insufficient boundary checking leads to a buffer overflow if a user supplies a specially drafted terminfo database file. If an ncurses-linked binary is installed setuid root, it is possible for a local attacker to exploit this hole and gain local root access. SuSE recommends patching this vulnerability by removing the SUID bits from xaos, screen, and cda.

SuSE Security Advisory - A vulnerability has been found in the ncurses library, which is used by many text based applications. Insufficient boundary checking leads to a buffer overflow if a user supplies a specially drafted terminfo database file. If an ncurses-linked binary is installed setuid root, it is possible for a local attacker to exploit this hole and gain local root access. SuSE recommends patching this vulnerability by removing the SUID bits from xaos, screen, and cda.