TITLE: Dante FD_SET Overflow Vulnerability SECUNIA ADVISORY ID: SA14071 VERIFY ADVISORY: http://secunia.com/advisories/14071/ CRITICAL: Less critical IMPACT: DoS WHERE: >From local network SOFTWARE: Dante 1.x http://secunia.com/product/4583/ DESCRIPTION: 3APA3A has reported a vulnerability in Dante, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a missing boundary check when doing "FD_SET()" operations. This can be exploited to cause a buffer overflow in certain configurations by establishing multiple concurrent connections. The vulnerability has been reported in version 1.1. Other versions may also be affected. SOLUTION: Update to version 1.1.15. http://www.inet.no/dante/ PROVIDED AND/OR DISCOVERED BY: 3APA3A ORIGINAL ADVISORY: Inferno Nettverk: http://www.inet.no/dante/advisory-2005-01-28 3APA3A: http://www.security.nnov.ru/advisories/sockets.asp
agriffis, there is no metadata for this package, and you were the last one to bump it, so please update bump to 1.1.15
version bumped. please test and mark stable for your arch
just works. stable on ppc64
sparc good.
x86 stable
Stable on alpha.
Sorry for the delay. Stable on ppc.
stable on amd64
arm/hppa/ia64/s390 stable
Please vote: only very specific conf affected -> NO ?
I vote for no GLSA here as well. Lewk?
Closing without GLSA.
Stable on mips.