Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 14 Jun 2010 13:25:03 +0200
From: Ludwig Nussel <ludwig.nussel@...e.de>
To: oss-security@...ts.openwall.com
Subject: CVE Request: w3m does not check null bytes CN/subjAltName

Hi,

Yet another occurrence of CVE-2009-2408, this time in w3m. I tried
contacting the w3m developers listed on sourceforge but got no
response. In the default configuration the missing null checks don't
make the situation worse though as w3m doesn't verify certificates
by default ('ssl_verify_server' is off by default). Attached two
patches turn on 'ssl_verify_server' and fix the null handling.

cu
Ludwig

-- 
 (o_   Ludwig Nussel
 //\   
 V_/_  http://www.suse.de/
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)

View attachment "w3m-0.5.2-ssl_verify_server_on.diff" of type "text/x-patch" (920 bytes)

View attachment "w3m-0.5.2-nulcn.diff" of type "text/x-patch" (1632 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ