Date: Mon, 14 Jun 2010 16:20:29 -0400 (EDT) From: "Steven M. Christey" <coley@...us.mitre.org> To: Josh Bressers <bressers@...hat.com> cc: oss-security@...ts.openwall.com Subject: Re: CVE request: UnrealIRCd 18.104.22.168 source code contained a backdoor allowing for remote command execution On Mon, 14 Jun 2010, Josh Bressers wrote: > Can you give this one a 2009 ID. Use CVE-2009-4893 - Steve > ----- "Alex Legler" <a3li@...too.org> wrote: > >> On Sat, 12 Jun 2010 19:10:48 +0200, Alex Legler <a3li@...too.org> >> wrote: >> >>> [blah] >> >> While we're at it... >> >> http://www.unrealircd.com/txt/unrealsecadvisory.20090413.txt >> >> "A buffer in the code which handles user authorization is copied >> without >> sufficient length checks, causing a buffer overflow.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ