'[oss-security] mmsclient: CVE request'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] mmsclient: CVE request
From:       Stefan Behte <Stefan.Behte () gmx ! net>
Date:       2009-12-10 20:43:04
Message-ID: 4B215D58.4090005 () gmx ! net
[Download RAW message or body]

Hello,

Harald van Dijk reported a buffer overflow in mmsclient in client.c to
Gentoo security (https://bugs.gentoo.org/show_bug.cgi?id=263413):

Line 28: #define BUF_SIZE 102400
Line 470: char data[1024];
Line 551: len = read (s, data, BUF_SIZE) ;

In a different Gentoo bug about the issue
(http://bugs.gentoo.org/show_bug.cgi?id=284747), Florian Streibelt noticed:

the reason for all this is in client.c:

31  #define BUF_SIZE 102400
[...]
473   char                 data[1024];
[...]
575   len = read (s, data, BUF_SIZE) ;
[...]
586   len = read (s, data, BUF_SIZE) ;

There might lurk more overflows in the (non-maintained) code.
Can I get a CVE for the issue?

Thanks,

Stefan Behte
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic