Bug#226356: Buffer overflow vulnerability (CAN-2003-0850)

To: Matt Zimmerman <mdz@debian.org>, 226356@bugs.debian.org
Subject: Bug#226356: Buffer overflow vulnerability (CAN-2003-0850)
From: Steve Kemp <skx@debian.org>
Date: Tue, 6 Jan 2004 11:22:55 +0000
Message-id: <[🔎] 20040106112255.GA30093@steve.org.uk>
Reply-to: Steve Kemp <skx@debian.org>, 226356@bugs.debian.org
In-reply-to: <[🔎] 20040106021707.GA27296@alcor.net>
References: <[🔎] 20040106021707.GA27296@alcor.net>

On Mon, Jan 05, 2004 at 06:17:07PM -0800, Matt Zimmerman wrote:
> Package: libnids
> Severity: grave
> 
> "The TCP reassembly functionality in libnids before 1.18 allows remote
> attackers to cause "memory corruption" and possibly execute arbitrary code
> via "overlarge TCP packets."
> 
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0850
> 
> An update to version 1.18 should be sufficient to correct the problem.
> 
> I am copying dsniff@packages.debian.org, since that is the only reverse
> dependency.  This package is orphaned and could be removed if this bug is
> not fixed.

  I maintain dsniff - and will adopt libnids and upload a more recent
 version shortly.

  I've retitled #188171 to reflect this, although the cotrol address
 seems to be a little bit slow today.

Steve
--

Reply to:

Follow-Ups:
- Bug#226356: Buffer overflow vulnerability (CAN-2003-0850)
  - From: Colin Watson <cjwatson@debian.org>

References:
- Bug#226356: Buffer overflow vulnerability (CAN-2003-0850)
  - From: Matt Zimmerman <mdz@debian.org>

Prev by Date: Re: Processed: libxaw-dev is long gone
Next by Date: Bug#165101: marked as done (libghttp1: ghttp_flush_response_buffer() induces failures on requests of unpredictable length)
Previous by thread: Bug#226356: Buffer overflow vulnerability (CAN-2003-0850)
Next by thread: Bug#226356: Buffer overflow vulnerability (CAN-2003-0850)
Index(es):
- Date
- Thread