logsurfer double free vulnerability

<!– logsurfer double free vulnerability –>

logsurfer double free vulnerability

 
news /
advisories /
forum /
software /
advertising /
search /
exploits

 

<!–
google_ad_client = “pub-9080155680222782”;
google_ad_width = 468;
google_ad_height = 15;
google_ad_format = “468x15_0ads_al”;
//2007-01-19: Inside
google_ad_channel = “6209105484”;
google_color_border = “333333”;
google_color_bg = “0D0030”;
google_color_link = “AAAAAA”;
google_color_text = “999999”;
google_color_url = “C0C0C0”;
//–><!– script type="text/javascript"
src=”http://pagead2.googlesyndication.com/pagead/show_ads.js” –>

BUGTRAQSecurityVulns ID:12160Type:LOGSURFER : logsurfer 1.8CVE:CVE-2011-3626 (Double free vulnerability in the prepare_exec function in src/exec.c in Logsurfer 1.5b and earlier, and Logsurfer+ 1.7 and earlier, allows remote attackers to execute arbitrary commands via crafted strings in a log file.)Original documentGENTOO, [ GLSA 201201-04 ] Logsurfer: Arbitrary code execution (30.01.2012)Discuss:Read or add your comments to this news (0 comments)

---

test server

Article source: http://securityvulns.com/news/logsurfer/doblefree.html

View full post on National Cyber Security