[<prev] [next>] [day] [month] [year] [list]
Message-ID: <4B215D58.4090005@gmx.net>
Date: Thu, 10 Dec 2009 21:43:04 +0100
From: Stefan Behte <Stefan.Behte@....net>
To: OSS Security <oss-security@...ts.openwall.com>
Subject: mmsclient: CVE request
Hello,
Harald van Dijk reported a buffer overflow in mmsclient in client.c to
Gentoo security (https://bugs.gentoo.org/show_bug.cgi?id=263413):
Line 28: #define BUF_SIZE 102400
Line 470: char data[1024];
Line 551: len = read (s, data, BUF_SIZE) ;
In a different Gentoo bug about the issue
(http://bugs.gentoo.org/show_bug.cgi?id=284747), Florian Streibelt noticed:
the reason for all this is in client.c:
31 #define BUF_SIZE 102400
[...]
473 char data[1024];
[...]
575 len = read (s, data, BUF_SIZE) ;
[...]
586 len = read (s, data, BUF_SIZE) ;
There might lurk more overflows in the (non-maintained) code.
Can I get a CVE for the issue?
Thanks,
Stefan Behte
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
