Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 24 Jan 2012 13:41:51 -0700
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Luciano Bello <luciano@...ian.org>
Subject: Re: CVE request: bip buffer overflow

On 01/24/2012 02:41 AM, Luciano Bello wrote:
> Hi there,
>         Please, assign a CVE ID for the following vulnerability in bip 
> (http://bip.t1r.net): https://projects.duckcorp.org/issues/269
> 
> The patch can be found here: 
> https://projects.duckcorp.org/projects/bip/repository/revisions/222a33cb84a2e52ad55a88900b7895bf9dd0262c
> 
> This bug is present in 0.8.8 and previous versions and, according to reporter, 
> remote execution of code should be possible.
> 
> Thanks,
> 
> /luciano

Excellent CVE request. Please use CVE-2012-0806 for this issue.

-- 

--

-- Kurt Seifried / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ