Bug#226356: Buffer overflow vulnerability (CAN-2003-0850)
Package: libnids
Severity: grave
"The TCP reassembly functionality in libnids before 1.18 allows remote
attackers to cause "memory corruption" and possibly execute arbitrary code
via "overlarge TCP packets."
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0850
An update to version 1.18 should be sufficient to correct the problem.
I am copying dsniff@packages.debian.org, since that is the only reverse
dependency. This package is orphaned and could be removed if this bug is
not fixed.
-- System Information:
Debian Release: unstable
Architecture: i386
Kernel: Linux mizar 2.4.22-deb5-evms2.1.1-skas3-1 #1 Mon Dec 22 14:08:31 PST 2003 i686
Locale: LANG=en_US, LC_CTYPE=en_US
--
- mdz