Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 261191 (CVE-2009-0650) - <net-analyzer/tptest-3.1.7-r2: Stack-based buffer overflows (CVE-2009-{0650,0659})
Summary: <net-analyzer/tptest-3.1.7-r2: Stack-based buffer overflows (CVE-2009-{0650,0...
Status: RESOLVED FIXED
Alias: CVE-2009-0650
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High major (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B1 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2009-03-04 16:58 UTC by Robert Buchholz (RETIRED)
Modified: 2013-10-26 20:52 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
Proposed patch to fix the vulnerabilities in the GetStatsFromLine function in tpcommon.c. (tptest-3.1.7.GetStatsFromLine.patch,5.93 KB, patch)
2009-06-11 20:54 UTC, Mansour Moufid
no flags Details | Diff
http://milw0rm.com/exploits/8058 (8058.pl,1.20 KB, text/plain)
2009-07-09 21:16 UTC, Robert Buchholz (RETIRED)
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Robert Buchholz (RETIRED) gentoo-dev 2009-03-04 16:58:41 UTC
CVE-2009-0650 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0650):
  Stack-based buffer overflow in the GetStatsFromLine function in
  TPTEST 3.1.7 and earlier, and possibly 5.02, allows remote attackers
  to cause a denial of service (application crash) and possibly execute
  arbitrary code via a STATS line with a long pwd field.  NOTE: some of
  these details are obtained from third party information.

CVE-2009-0659 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0659):
  Stack-based buffer overflow in the GetStatsFromLine function in
  TPTEST 3.1.7 allows remote attackers to have an unknown impact via a
  STATS line with a long email field.  NOTE: the provenance of this
  information is unknown; the details are obtained solely from third
  party information.
Comment 1 Mansour Moufid 2009-06-11 20:54:33 UTC
Created attachment 194291 [details, diff]
Proposed patch to fix the vulnerabilities in the GetStatsFromLine function in tpcommon.c.

This patch fixes the vulnerability due to strcpy, as well as a couple other potential issues.
Comment 2 Robert Buchholz (RETIRED) gentoo-dev 2009-07-09 21:16:45 UTC
Created attachment 197416 [details]
http://milw0rm.com/exploits/8058
Comment 3 Chris Reffett gentoo-dev Security 2013-10-04 20:52:12 UTC
Revbumped with patch. Arches, please test and stabilize:
=net-analyzer/tptest-3.1.7-r2
Target arches: amd64 ppc sparc x86
Comment 4 Agostino Sarubbo gentoo-dev 2013-10-05 06:19:41 UTC
amd64 stable
Comment 5 Agostino Sarubbo gentoo-dev 2013-10-06 07:51:17 UTC
x86 stable
Comment 6 Agostino Sarubbo gentoo-dev 2013-10-07 19:29:54 UTC
ppc stable
Comment 7 Agostino Sarubbo gentoo-dev 2013-10-09 17:09:34 UTC
sparc stable
Comment 8 Sergey Popov gentoo-dev Security 2013-10-10 10:39:58 UTC
GLSA request filed
Comment 9 GLSAMaker/CVETool Bot gentoo-dev 2013-10-26 20:52:10 UTC
This issue was resolved and addressed in
 GLSA 201310-16 at http://security.gentoo.org/glsa/glsa-201310-16.xml
by GLSA coordinator Sergey Popov (pinkbyte).