Summary: | buffer overflow in app-arch/ncompress | ||||||
---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Florian Schilhabel (RETIRED) <ruth> | ||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | normal | CC: | carlo | ||||
Priority: | High | ||||||
Version: | unspecified | ||||||
Hardware: | All | ||||||
OS: | All | ||||||
URL: | http://www.kb.cert.org/vuls/id/176363 | ||||||
Whiteboard: | A? [glsa] lewk | ||||||
Package list: | Runtime testing required: | --- | |||||
Attachments: |
|
Description
Florian Schilhabel (RETIRED)
2004-10-03 14:11:32 UTC
Created attachment 41017 [details, diff]
patch
lv, This package has no metadata, and you were the last one to patch it. Could you please verify and apply this patch? Thanks! Making this bug public since this vulnerability has already been published. +*ncompress-4.2.4-r1 (06 Oct 2004) + + 06 Oct 2004; <solar@gentoo.org> +metadata.xml, +ncompress-4.2.4-r1.ebuild: + This update adds bounds checking to command line options used by ncompress bug + #66251. Also minor clode cleanups and a bugfixes by using debian patch from + http://packages.qa.debian.org/n/ncompress.html archs, please mark ncompress-4.2.4-r1 stable. Stable on ppc. Example-test works. Stable on alpha. Stable for sparc. Runs tests for me. stable on x86 stable on amd64 arm/hppa/ia64/s390 stable BABY mips stable Ready for a GLSA. I would say one is needed if this is really exploitable through amavisd[-new] or pure-ftpd (i.e. if they accept and tunnel through uncompress arbitrary pathnames). If they don't (or if they filter length/characters, which they should do) then a GLSA isn't needed... This is not exploitable through pure-ftpd (which uses uncompress only in the Makefile). Through amavisd-new, I'm not sure, but that would need to pass a very long file name that would probably break something else. That said, uncompress has a real potential to be called remotely in user applications and the filename can very well be under the control of the attacker. I would say this needs a GLSA, so my vote goes for YES Everyone agrees, we'll do one. GLSA 200410-08 ppc64, please mark stable to benefit from glsa. stable on ppc64, thanks! *** Bug 107312 has been marked as a duplicate of this bug. *** |