Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 116006 - net-misc/dropbear buffer overflow (CVE-2005-4178)
Summary: net-misc/dropbear buffer overflow (CVE-2005-4178)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High major (vote)
Assignee: Gentoo Security
URL: http://cve.mitre.org/cgi-bin/cvename....
Whiteboard: C1? [glsa] jaervosz
Keywords:
Depends on:
Blocks:
 
Reported: 2005-12-18 22:46 UTC by Sune Kloppenborg Jeppesen (RETIRED)
Modified: 2005-12-30 11:21 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-12-18 22:46:07 UTC
Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations.
Comment 1 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-12-18 22:47:33 UTC
Vapier please advise and bump as necessary.
Comment 2 SpanKY gentoo-dev 2005-12-19 16:51:55 UTC
version bumped in cvs
Comment 3 Stefan Cornelius (RETIRED) gentoo-dev 2005-12-19 22:46:26 UTC
dear arches, please test and mark stable - thx
Comment 4 Gustavo Zacarias (RETIRED) gentoo-dev 2005-12-20 05:41:04 UTC
sparc stable.
Comment 5 Mark Loeser (RETIRED) gentoo-dev 2005-12-20 09:16:13 UTC
x86 stable
Comment 6 Simon Stelling (RETIRED) gentoo-dev 2005-12-20 10:32:53 UTC
amd64 stable
Comment 7 Michael Hanselmann (hansmi) (RETIRED) gentoo-dev 2005-12-20 11:48:46 UTC
hppa, ppc done
Comment 8 Fernando J. Pereda (RETIRED) gentoo-dev 2005-12-21 01:56:27 UTC
Alpha done. Sorry for the delay.

Cheers,
Ferdy
Comment 9 Stefan Cornelius (RETIRED) gentoo-dev 2005-12-21 02:00:38 UTC
looks like ready for glsa
Comment 10 Stefan Cornelius (RETIRED) gentoo-dev 2005-12-23 03:55:34 UTC
Closing with GLSA 200512-13
Thanks to everybody involved.
Comment 11 Joshua Kinard gentoo-dev 2005-12-30 11:21:37 UTC
Marked stable on mips.