134082 – net-nds/portmap: (Set/Dump) Local Denial of Service

Bug 134082 - net-nds/portmap: (Set/Dump) Local Denial of Service

Summary: net-nds/portmap: (Set/Dump) Local Denial of Service

Status:	RESOLVED INVALID

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Auditing (show other bugs)
Hardware:	All All

Importance:	High normal
Assignee:	Gentoo Security

URL:	http://www.milw0rm.com/exploits/1815
Whiteboard:	A3 [ebuild+] DerCorny
Keywords:

Depends on:
Blocks:

Reported:	2006-05-22 21:57 UTC by macanico
Modified:	2006-07-30 08:42 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description macanico 2006-05-22 21:57:43 UTC

http://www.milw0rm.com/exploits/1815

Comment 1 Stefan Cornelius (RETIRED) gentoo-dev

2006-05-22 22:05:35 UTC

base-system or net-fs please have a look and provide fixed ebuilds if necessary, thank you

Comment 2 Thierry Carrez (RETIRED) gentoo-dev

2006-05-30 11:25:40 UTC

I'd like the audit team to confirm this one and possibly give patch hints...

Comment 3 Stefan Cornelius (RETIRED) gentoo-dev

2006-06-13 03:15:49 UTC

audit team, any news?

Comment 4 Stefan Cornelius (RETIRED) gentoo-dev

2006-07-01 07:25:12 UTC

mhh, still no news ...

Comment 5 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2006-07-24 07:14:07 UTC

Tavis any news on this one?

Comment 6 Tavis Ormandy (RETIRED) gentoo-dev

2006-07-29 20:37:05 UTC

I think the real bug here is that thing actually compiles....

Investigating...

Comment 7 Tavis Ormandy (RETIRED) gentoo-dev

2006-07-30 08:42:12 UTC

Marking INVALID, beccause looking the code this is clearly by design, additionally the security team has along standing precedent of not security supporting debugging features.