CVE-2009-0650 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0650): Stack-based buffer overflow in the GetStatsFromLine function in TPTEST 3.1.7 and earlier, and possibly 5.02, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a STATS line with a long pwd field. NOTE: some of these details are obtained from third party information.

CVE-2009-0659 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0659): Stack-based buffer overflow in the GetStatsFromLine function in TPTEST 3.1.7 allows remote attackers to have an unknown impact via a STATS line with a long email field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Created attachment 194291: Proposed patch to fix the vulnerabilities in the GetStatsFromLine function in tpcommon.c. This patch fixes the vulnerability due to strcpy, as well as a couple other potential issues.
Created attachment 197416: http://milw0rm.com/exploits/8058
Revbumped with patch. Arches, please test and stabilize:
=net-analyzer/tptest-3.1.7-r2
Target arches: amd64 ppc sparc x86
amd64 stable
x86 stable
ppc stable
sparc stable
GLSA request filed
This issue was resolved and addressed in GLSA 201310-16 at http://security.gentoo.org/glsa/glsa-201310-16.xml by GLSA coordinator Sergey Popov (pinkbyte).