Bug 263023 (CVE-2009-0148) - <dev-util/cscope-15.7a sprintf stack-based buffer overflow (CVE-2009-{0148,1577})
Status: RESOLVED FIXED
Alias: CVE-2009-0148
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Security
URL: http://sourceforge.net/project/showno...
Whiteboard: B2 [glsa]
Reported: 2009-03-19 12:32 UTC by Robert Buchholz (RETIRED)
Modified: 2009-05-24 13:06 UTC
Description Robert Buchholz (RETIRED) gentoo-dev 2009-03-19 12:32:04 UTC
** Please note that this issue is confidential and no information should be
disclosed until it is made public, see "Whiteboard" for a date **

James Peach of Apple discovered a stack-based buffer overflow in cscope's handling of long file system paths. Processing a maliciously crafted source file may lead to an unexpected application termination or arbitrary code execution.
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2009-03-19 12:34:47 UTC
Apple provided us with a reproducer for the issue.
A patch is being discussed upstream.
Comment 2 Robert Buchholz (RETIRED) gentoo-dev 2009-05-02 09:48:26 UTC
This is now public, please bump the version in tree.
Comment 3 Ulrich Müller gentoo-dev 2009-05-02 10:04:35 UTC
Bumped to 15.7a. Arch teams, please stabilise.
Comment 4 Jeroen Roovers (RETIRED) gentoo-dev 2009-05-02 14:15:42 UTC
Stable for HPPA.
Comment 5 Tobias Klausmann (RETIRED) gentoo-dev 2009-05-03 12:18:29 UTC
Stable on alpha.
Comment 6 Markus Meier gentoo-dev 2009-05-03 12:35:25 UTC
amd64/x86 stable
Comment 7 Brent Baude (RETIRED) gentoo-dev 2009-05-03 12:41:52 UTC
ppc done
Comment 8 Brent Baude (RETIRED) gentoo-dev 2009-05-03 12:47:22 UTC
ppc64 done
Comment 9 Tiago Cunha (RETIRED) gentoo-dev 2009-05-03 17:59:55 UTC
sparc stable
Comment 10 Tobias Heinlein (RETIRED) gentoo-dev 2009-05-03 18:51:34 UTC
GLSA request filed.
Comment 11 Raúl Porcel (RETIRED) gentoo-dev 2009-05-06 15:22:01 UTC
arm/ia64/m68k/s390/sh stable
Comment 12 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-05-06 19:06:59 UTC
CVE-2009-0148 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0148):
  Multiple buffer overflows in Cscope before 15.7a allow remote
  attackers to execute arbitrary code via (1) long pathnames, (2) long
  source-code strings, and other vectors.

Comment 13 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-05-15 09:18:46 UTC
CVE-2009-1577 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1577):
  Multiple stack-based buffer overflows in the putstring function in
  find.c in Cscope before 15.6 allow user-assisted remote attackers to
  execute arbitrary code via a long (1) function name or (2) symbol in
  a source-code file.

Comment 14 Pierre-Yves Rofes (RETIRED) gentoo-dev 2009-05-24 13:06:29 UTC
GLSA 200905-02
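
The bug class named in the description and in the CVE-2009-0148 text (an unbounded sprintf of a long path into a fixed-size stack buffer), with a bounded replacement that rejects over-long input instead of truncating it. This is an added example, not part of the bug report and not cscope's code or the upstream patch; `DEMO_PATHLEN`, `join_path` and `demo_long_component` are hypothetical names and the sample inputs are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Assumed buffer size for this demo; not taken from the cscope sources. */
#define DEMO_PATHLEN 250

/*
 * Unsafe pattern behind this class of bug (kept as a comment on purpose):
 *     char path[DEMO_PATHLEN + 1];
 *     sprintf(path, "%s/%s", dir, file);   <- writes past path[] for long input
 */

/* Bounded join. Returns 0 on success, -1 if dir/file does not fit in out. */
int join_path(char *out, size_t outsz, const char *dir, const char *file)
{
    int n;

    if (out == NULL || outsz == 0 || dir == NULL || file == NULL)
        return -1;
    n = snprintf(out, outsz, "%s/%s", dir, file);
    if (n < 0 || (size_t)n >= outsz) {
        out[0] = '\0';          /* reject; never return a truncated path */
        return -1;
    }
    return 0;
}

/* Constructed input: a file name far longer than the destination buffer. */
int demo_long_component(void)
{
    char path[DEMO_PATHLEN + 1];
    char longname[4 * DEMO_PATHLEN];

    memset(longname, 'A', sizeof longname - 1);
    longname[sizeof longname - 1] = '\0';
    return join_path(path, sizeof path, "/usr/src", longname);
}

int main(void)
{
    char path[DEMO_PATHLEN + 1];

    if (join_path(path, sizeof path, "src", "main.c") == 0)
        printf("ok: %s\n", path);
    printf("over-long name rejected: %s\n",
           demo_long_component() == -1 ? "yes" : "no");
    return 0;
}
```

Rejecting on `n >= outsz` matters as much as the bound itself: a silently truncated path can name a different file than the one intended.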