| LinHES Forums http://forums.linhes.org/ |
|
| Is this a security issue we need to worry about? http://forums.linhes.org/viewtopic.php?f=17&t=13264 |
Page 1 of 1 |
| Author: | esherm22 [ Wed Jan 03, 2007 7:11 am ] |
| Post subject: | Is this a security issue we need to worry about? |
Affected Products MythControl version 1.0 and prior Technical Description A vulnerability has been identified in MythControl, which could be exploited by remote attackers to execute arbitrary commands or cause a denial of service. This issue is due to a buffer overflow error in the "sendToMythTV()" [MythControlServer/mythControlServer.c] function when handling an overly long command, which could be exploited by remote attackers to crash a vulnerable application or compromise an affected system via a specially crafted request. Link: http://www.frsirt.com/english/advisories/2007/0024 |
|
| Author: | cecil [ Wed Jan 03, 2007 9:56 am ] |
| Post subject: | |
In the past, Isaac has stated that MythTV isn't built w/ security in mind for performance reasons. It has also been my opinion that at MythTV system should be behind a firewall. I personally am not worried. If you have not, the place to query about this is the MythTV mailing list. |
|
| Author: | esherm22 [ Wed Jan 03, 2007 11:43 am ] |
| Post subject: | |
Thanks Cecil. Keep up the good work! |
|
| Page 1 of 1 | All times are UTC - 6 hours |
| Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/ |
|