Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 23273

Summary: GNATS (The GNU bug-tracking system) multiple buffer overflow vulnerabilities.
Product: Gentoo Linux Reporter: solar (RETIRED) <solar>
Component: Current packagesAssignee: Gentoo Security <security>
Status: RESOLVED INVALID    
Severity: normal    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description solar (RETIRED) gentoo-dev 2003-06-22 08:56:14 UTC 
Only GNATS I see in portage is app-xemacs/gnats-1.15
-----------------------------------------------------

GNATS is a portable incident/bug report/help request-tracking system which runs
on UNIX-like operating systems.  It easily handles thousands of problem reports,
has been in wide use since the early 90s,  and can do most of its operations
over e-mail.

== Full-Disclosure Advisory == 
http://marc.theaimsgroup.com/?l=full-disclosure&m=105620754230671&w=2

== Exploit Code ==
http://packetstorm.linuxsecurity.com/filedesc/0x82-GNATS_sux.c.html
http://packetstorm.linuxsecurity.com/filedesc/0x82-GNATS_own.c.html
Comment 1 Jon Portnoy (RETIRED) gentoo-dev 2003-06-22 11:09:57 UTC 
Wrong category.

Moving.
Comment 2 Daniel Ahlberg (RETIRED) gentoo-dev 2003-06-24 13:56:13 UTC 
app-xemacs/gnats is a frontend to gnats. The "real" gnats is not in portage.