Date: Sat, 11 Jun 2011 21:08:58 +0200 From: Timo Warns <warns@...-sense.de> To: oss-security@...ts.openwall.com Subject: CVE request: buffer overflow in tftp-hpa The tftp-hpa daemon contained a buffer overflow vulnerability in the function for setting the utimeout option. As the daemon accepts this option from clients, the buffer overflow can be remotely exploited. For a patch, see > git clone http://www.kernel.org/pub/scm/network/tftp/tftp-hpa.git/ > git diff 2864 f303 Thanks, Timo
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ