oss-security - CVE id request: fraud2

Openwall Project		/home Owl JtR Pro crypt pam_passwdqc tcb phpass scanlogd popa3d msulogin / Linux BIND / advisories presentations / services donations / wordlists passwords / news community lists wiki CVSweb mirrors signatures
bringing security into open environments

Password Recovery Resources on the Net

[<prev] [next>] [thread-next>] [month] [year] [list]

Date: Wed, 24 Sep 2008 00:53:55 +1000
From: Steffen Joeris <steffen.joeris@...lelinux.de>
To: oss-security@...ts.openwall.com
Subject: CVE id request: fraud2

Hi

fraad2 is affected by a heap overflow. 

Upstream announcement:
http://www.audiocoding.com/

Upstream patch:
http://www.audiocoding.com/patch/main_overflow.diff

Gentoo Bugreport:
http://bugs.gentoo.org/show_bug.cgi?id=238445

Debian Bugreport:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=499899

Could I please get a CVE id for this?

Cheers
Steffen

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.