Date: Wed, 22 Jun 2011 18:33:56 +0400 From: Vasiliy Kulikov <segoon@...nwall.com> To: oss-security@...ts.openwall.com Subject: Re: CVE requests: opie off by one and setuid() failure Hi, On Wed, Jun 22, 2011 at 16:28 +0200, Sebastian Krahmer wrote: > Can someone assign 2 CVE's for a off by one in opiesu > and a missing setuid() retval check in opielogin which > leads to easy root compromise? Reviewed opie-2.4. > > Patches are available here: > > https://bugzilla.novell.com/show_bug.cgi?id=698772 I don't see memory zeroing before strcat(): argvbuf = 0; Probably it is not spotted as it is the first malloc(), but it is a bug. Thanks, -- Vasiliy
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ