Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 27849 - Whois 4.6.6 Command Line Buffer Overrun Vulnerability
Summary: Whois 4.6.6 Command Line Buffer Overrun Vulnerability
Status: RESOLVED DUPLICATE of bug 24860
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: High critical (vote)
Assignee: Gentoo Security
URL: http://www.securityfocus.com/bid/8483
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2003-09-03 01:55 UTC by Raimund Specht
Modified: 2005-07-17 13:06 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Raimund Specht 2003-09-03 01:55:32 UTC 
See http://www.securityfocus.com/bid/8483 (includes patch).

Reproducible: Always
Steps to Reproduce:
Comment 1 Raimund Specht 2003-09-03 02:15:56 UTC 
The Gentoo ebuild already contains the proposed fix. Gentoo is therefore NOT directly affected.
Sorry.
Comment 2 solar (RETIRED) gentoo-dev 2003-09-03 10:54:06 UTC 
I fixed this bug a while ago.
What kinda bothers me is Zone-H taking credit for discovering this bug, they did nothing of the sort as this bug was known already to deb,redhat,gentoo as one can tell by the dates in all our bug tracking systems.

Please see bug #24860 for more details on the whois buffer overflow and see why the author refuses to fix the software.

*** This bug has been marked as a duplicate of 24860 ***