[prev in list] [next in list] [prev in thread] [next in thread]
List: net-snmp-bugs
Subject: [ net-snmp-Bugs-3003981 ] Possible buffer overflow in
From: "SourceForge.net" <noreply () sourceforge ! net>
Date: 2010-05-19 10:04:48
Message-ID: E1OEg8u-0001xf-Lr () sfs-web-11 ! v29 ! ch3 ! sourceforge ! com
[Download RAW message or body]
Bugs item #3003981, was opened at 2010-05-19 12:04
Message generated for change (Settings changed) made by flup35
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=112694&aid=3003981&group_id=12694
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: security
Group: None
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: flup35 (flup35)
Assigned to: Nobody/Anonymous (nobody)
> Summary: Possible buffer overflow in agent_read_config.c
Initial Comment:
version : 5.4.3.rc3
file : agent_read_config.c
OS : Windows/Linux (just based upon reading the code !)
When reading the code, in function snmpd_set_agent_address at line 176 of file \
agent_read_config.c, I see that buf is declared as char buf[SPRINT_MAX_LEN];
SPRINT_MAX_LEN has the value 2560
However, at line 189, the newly read value is appended *without any overflow \
protection* to that stack variable named buf. I suggest snprintf or sprintf_s is used \
(depending upon the used OS)
THIS IS A POTENTIAL SECURITY ISSUE (POSSIBLE BUFFER OVERFLOW EXPLOIT !)
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=112694&aid=3003981&group_id=12694
------------------------------------------------------------------------------
_______________________________________________
Net-snmp-bugs mailing list
Net-snmp-bugs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/net-snmp-bugs
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic