Gentoo Bug 116006 - net-misc/dropbear buffer overflow (CVE-2005-4178)

First Last Prev Next No search results available Search page Enter new bug

Bug#:	116006
Alias:
Product:
Component:
Status:	RESOLVED
Resolution:	FIXED
Assigned To:	Gentoo Security <security@gentoo.org>

Hardware:
OS:
Version:
Priority:
Severity:

Reporter:	Sune Kloppenborg Jeppesen <jaervosz@gentoo.org>
Add CC:
CC:

URL:
Summary:
Status Whiteboard:
Keywords:

Flags:			Requestee:
	Pending
	Approved
	Assigned_To		()

Filename	Description	Type	Creator	Created	Size	Actions
Create a New Attachment (proposed patch, testcase, etc.)						View All

Bug 116006 depends on:			Show dependency tree Show dependency graph
Bug 116006 blocks:			Show dependency tree Show dependency graph

Additional Comments: (this is where you put emerge --info)

Add to CC list

Leave as RESOLVED FIXED
Reopen bug
Mark bug as VERIFIED
Mark bug as CLOSED

View Bug Activity | Format For Printing | XML | Clone This Bug

Description:

Opened: 2005-12-18 22:46 0000

Buffer overflow in Dropbear server before 0.47 allows authenticated users to
execute arbitrary code via unspecified inputs that cause insufficient memory to
be allocated due to an incorrect expression that does not enforce the proper
order of operations.

------- Comment #1 From Sune Kloppenborg Jeppesen 2005-12-18 22:47:33 0000 -------

Vapier please advise and bump as necessary.

------- Comment #2 From SpanKY 2005-12-19 16:51:55 0000 -------

version bumped in cvs

------- Comment #3 From Stefan Cornelius (RETIRED) 2005-12-19 22:46:26 0000 -------

dear arches, please test and mark stable - thx

------- Comment #4 From Gustavo Zacarias (RETIRED) 2005-12-20 05:41:04 0000 -------

sparc stable.

------- Comment #5 From Mark Loeser 2005-12-20 09:16:13 0000 -------

x86 stable

------- Comment #6 From Simon Stelling (RETIRED) 2005-12-20 10:32:53 0000 -------

amd64 stable

------- Comment #7 From Michael Hanselmann (hansmi) (RETIRED) 2005-12-20 11:48:46 0000 -------

hppa, ppc done

------- Comment #8 From Fernando J. Pereda 2005-12-21 01:56:27 0000 -------

Alpha done. Sorry for the delay.

Cheers,
Ferdy

------- Comment #9 From Stefan Cornelius (RETIRED) 2005-12-21 02:00:38 0000 -------

looks like ready for glsa

------- Comment #10 From Stefan Cornelius (RETIRED) 2005-12-23 03:55:34 0000 -------

Closing with GLSA 200512-13
Thanks to everybody involved.

------- Comment #11 From Joshua Kinard 2005-12-30 11:21:37 0000 -------

Marked stable on mips.

First Last Prev Next No search results available Search page Enter new bug

Bugzilla Bug 116006

net-misc/dropbear buffer overflow (CVE-2005-4178)

Last modified: 2005-12-30 11:21:37 0000