
Bug 263023 (CVE-2009-0148)

Summary: <dev-util/cscope-15.7a sprintf stack-based buffer overflow (CVE-2009-{0148,1577})
Product: Gentoo Security
Reporter: Robert Buchholz (RETIRED) <rbu>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: normal
CC: emacs, vim
Priority: High
Version: unspecified
Hardware: All
OS: Linux
URL: http://sourceforge.net/project/shownotes.php?release_id=679527&group_id=4664
Whiteboard: B2 [glsa]
Package list:
Runtime testing required: ---

Description Robert Buchholz (RETIRED) gentoo-dev 2009-03-19 12:32:04 UTC
** Please note that this issue is confidential and no information should be
disclosed until it is made public, see "Whiteboard" for a date **

James Peach of Apple discovered a stack-based buffer overflow in cscope's handling of long file system paths. Processing a maliciously crafted source file may lead to an unexpected application termination or arbitrary code execution.
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2009-03-19 12:34:47 UTC
Apple provided us with a reproducer for the issue.
A patch is being discussed upstream.
Comment 2 Robert Buchholz (RETIRED) gentoo-dev 2009-05-02 09:48:26 UTC
This is now public, please bump the version in tree.
Comment 3 Ulrich Müller gentoo-dev 2009-05-02 10:04:35 UTC
Bumped to 15.7a. Arch teams, please stabilise.
Comment 4 Jeroen Roovers (RETIRED) gentoo-dev 2009-05-02 14:15:42 UTC
Stable for HPPA.
Comment 5 Tobias Klausmann (RETIRED) gentoo-dev 2009-05-03 12:18:29 UTC
Stable on alpha.
Comment 6 Markus Meier gentoo-dev 2009-05-03 12:35:25 UTC
amd64/x86 stable
Comment 7 Brent Baude (RETIRED) gentoo-dev 2009-05-03 12:41:52 UTC
ppc done
Comment 8 Brent Baude (RETIRED) gentoo-dev 2009-05-03 12:47:22 UTC
ppc64 done
Comment 9 Tiago Cunha (RETIRED) gentoo-dev 2009-05-03 17:59:55 UTC
sparc stable
Comment 10 Tobias Heinlein (RETIRED) gentoo-dev 2009-05-03 18:51:34 UTC
GLSA request filed.
Comment 11 Raúl Porcel (RETIRED) gentoo-dev 2009-05-06 15:22:01 UTC
arm/ia64/m68k/s390/sh stable
Comment 12 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-05-06 19:06:59 UTC
CVE-2009-0148 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0148):
  Multiple buffer overflows in Cscope before 15.7a allow remote
  attackers to execute arbitrary code via (1) long pathnames, (2) long
  source-code strings, and other vectors.

Comment 13 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-05-15 09:18:46 UTC
CVE-2009-1577 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1577):
  Multiple stack-based buffer overflows in the putstring function in
  find.c in Cscope before 15.6 allow user-assisted remote attackers to
  execute arbitrary code via a long (1) function name or (2) symbol in
  a source-code file.

Comment 14 Pierre-Yves Rofes (RETIRED) gentoo-dev 2009-05-24 13:06:29 UTC
GLSA 200905-02