• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

mnoGoSearch 3.1.19 Search Query Buffer Overflow Vulnerability

Solution:
Conectiva has released a security advisory (CLA-2003:711) and fixes to address this issue. Details regarding applying fixes can be found in the referenced advisory, fixes are linked below.

This is reportedly fixed in the latest cvs version.


mnoGoSearch mnoGoSearch 3.1.19

• Conectiva mnogosearch-3.1.21-12434U90_2cl.i386.rpm
  Conectiva Linux 9
  ftp://atualizacoes.conectiva.com.br/9/RPMS/mnogosearch-3.1.21-12434U90 _2cl.i386.rpm


• Conectiva mnogosearch-3.1.21-12434U90_2cl.src.rpm
  Conectiva Linux 9
  ftp://atualizacoes.conectiva.com.br/9/SRPMS/mnogosearch-3.1.21-12434U9 0_2cl.src.rpm


• Conectiva mnogosearch-devel-3.1.21-12434U90_2cl.i386.rpm
  Conectiva Linux 9
  ftp://atualizacoes.conectiva.com.br/9/RPMS/mnogosearch-devel-3.1.21-12 434U90_2cl.i386.rpm


• Conectiva mnogosearch-devel-static-3.1.21-12434U90_2cl.i386.rpm
  Conectiva Linux 9
  ftp://atualizacoes.conectiva.com.br/9/RPMS/mnogosearch-devel-static-3. 1.21-12434U90_2cl.i386.rpm