Security Information / 2012 / Security Information -- DSA-2425-1 plib

Debian Security Advisory

DSA-2425-1 plib -- buffer overflow

Date Reported:

04 Mar 2012

Affected Packages:

plib

Vulnerable:

Yes

Security database references:

In the Debian bugtracking system: Bug 654785.
In Mitre's CVE dictionary: CVE-2011-4620.

More information:

It was discovered that PLIB, a library used by TORCS, contains a buffer overflow in error message processing, which could allow remote attackers to execute arbitrary code.

For the stable distribution (squeeze), this problem has been fixed in version 1.8.5-5+squeeze1.

For the testing distribution (wheezy) and the unstable distribution (sid), this problem has been fixed in version 1.8.5-5.1.

We recommend that you upgrade your plib packages.