[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA 1714-1] New rt2570 packages fix arbitrary code execution

Anno domini 2009 Chris Lamb scripsit:

> Moritz Muehlenhoff wrote:
> 
> > - ------------------------------------------------------------------------
> > Debian Security Advisory DSA-1714-1                  security@debian.org
> > http://www.debian.org/security/                       Moritz Muehlenhoff
> > January 28, 2009                      http://www.debian.org/security/faq
> > - ------------------------------------------------------------------------
> > 
> > Package        : rt2570
> > Vulnerability  : integer overflow
> > Problem type   : remote
> > Debian-specific: no
> > CVE Id(s)      : CVE-2009-0282
> > 
> > It was discovered that an integer overflow in the "Probe Request" packet
> > parser of the Ralinktech wireless drivers might lead to remote denial of
> > service or the execution of arbitrary code.

> Not for us.

Maybe it would be helpful to drop debian-security from the list of
recipients, as there are some of "us" who might be affected by this DSA...

Ciao
Max
-- 
	Follow the white penguin.
Reply to: