Debian Security Advisory
DSA-156-1 epic4-script-light -- arbitrary script execution
- Date Reported:
- 22 Aug 2002
- Affected Packages:
- Security database references:
- In the Bugtraq database (at SecurityFocus): BugTraq ID 5555.
In Mitre's CVE dictionary: CVE-2002-0984.
- More information:
All versions of the EPIC script Light prior to 2.7.30p5 (on the 2.7 branch) and prior to 2.8pre10 (on the 2.8 branch) running on any platform are vulnerable to a remotely-exploitable bug, which can lead to nearly arbitrary code execution.
This problem has been fixed in version 2.7.30p5-1.1 for the current stable distribution (woody) and in version 2.7.30p5-2 for the unstable distribution (sid). The old stable distribution (potato) is not affected, since it doesn't contain the Light package.
We recommend that you upgrade your epic4-script-light package and restart your IRC client.
- Fixed in:
Debian GNU/Linux 3.0 (woody)
- Architecture-independent component:
MD5 checksums of the listed files are available in the original advisory.