197576 CVE-2007-5723 2007-10-31 00:49 0000 net-firewall/nufw < 2.2.7 samp_send Buffer overflow (DoS) (CVE-2007-5723) 2007-11-12 13:13:02 0000 1 1 1 Unclassified Gentoo Security Vulnerabilities unspecified All Linux RESOLVED FIXED http://secunia.com/advisories/27442 ~3 [noglsa] P2 trivial --- 1 rbu@gentoo.org security@gentoo.org cedk@gentoo.org netmon@gentoo.org rbu@gentoo.org 2007-10-31 00:49:29 0000 CVE-2007-5723 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5723): Heap-based buffer overflow in the samp_send function in nuauth/sasl.c in NuFW before 2.2.7 allows remote attackers to cause a denial of service via unspecified input on which base64 encoding is performed. NOTE: some of these details are obtained from third party information. rbu@gentoo.org 2007-10-31 00:53:17 0000 Netmon, Cédric, please advise. rbu@gentoo.org 2007-11-12 02:39:32 0000 Netmon, cedk is marked away. Are you touching this package? pva@gentoo.org 2007-11-12 13:06:14 0000 Thank you Rober for report. nufw-2.2.7 is in portage. Old vulnerable versions are cleaned. No versions were stable. Bug is FIXED. Leaving for security to update whiteboard and resolve bug. py@gentoo.org 2007-11-12 13:13:02 0000 thanks Peter.