Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <525FC779.1000905@gentoo.org>
Date: Thu, 17 Oct 2013 15:18:17 +0400
From: Sergey Popov <pinkbyte@...too.org>
To: oss-security@...ts.openwall.com
Subject: CVE request: echoping buffer overflow vulnerabilities

Echoping 6.0.2 and before contains several buffer overflow
vulnerabilities that can lead to execution of arbitrary code on the
system or cause the application to crash.

Bug report in Gentoo:
https://bugs.gentoo.org/show_bug.cgi?id=349569

Some additional info:
http://xforce.iss.net/xforce/xfdb/64141
http://secunia.com/advisories/42619/

Issue is fixed in upstream[1], but no release yet.

Please assign a CVE for this, thanks.

[1] - http://sourceforge.net/p/echoping/bugs/55/

-- 
Best regards, Sergey Popov
Gentoo developer
Gentoo Desktop Effects project lead
Gentoo Qt project lead
Gentoo Proxy maintainers project lead


Download attachment "signature.asc" of type "application/pgp-signature" (556 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.