|
Bugzilla – Full Text Bug Listing |
| Summary: | VUL-0: CVE-2003-0709: whois: buffer overflow | ||
|---|---|---|---|
| Product: | [Novell Products] SUSE Security Incidents | Reporter: | Thomas Biege <thomas> |
| Component: | Incidents | Assignee: | Thomas Biege <thomas> |
| Status: | RESOLVED FIXED | QA Contact: | Security Team bot <security-team> |
| Severity: | Major | ||
| Priority: | P3 - Medium | CC: | meissner, postadal, security-team |
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | CVE-2003-0709: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) | ||
| Found By: | --- | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
| Attachments: |
patchinfo
putonftp patchinfog putonftp |
||
|
Description
Thomas Biege
2003-08-28 20:40:31 UTC
<!-- SBZ_reproduce --> whois -g $(perl -e 'printf "A" x 1022') OK I making patch, please send me p&p files. Are they needed for SL9.0/STABLE? The bug was in older distribution too Created attachment 13666 [details]
patchinfo
Created attachment 13667 [details]
putonftp
Thomas, the problem is not only with -g option, but with all options which take argument. Could you change it in p&p please? Created attachment 13669 [details]
patchinfog
Created attachment 13670 [details]
putonftp
All were submited with p&p. ok, we just need to wait for overloaded QA. Petr, is the fix in STABLE for 9.0? QA, when can we have an estimate for this? Yes, the fix is in STABLE/9.0 too. approved CVE-2003-0709 CVE-2003-0709: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) |