Date: Mon, 15 Sep 2014 11:28:12 -0400 (EDT)
From: cve-assign@...re.org
To: kristian.fiskerstrand@...ptuouscapital.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE assignment for c-icap Server

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> http://sourceforge.net/p/c-icap/bugs/59/
> I found the bug in the parse_request() function.
> Please see the details in the attachment.

> <Peter Berestov> pberestov@...il.com
> If a buffer doesn't contain " " or "?" then the *end pointer will increase.
> The pointer can leave the area of memory allocated for the buffer.

Use CVE-2013-7401 for this specific issue discovered by Peter
Berestov.


> chtsanti 2013-10-02
> 
> This bug and many other related ones are fixed in trunk with patches
> r1018 and r1021.
> 
> http://sourceforge.net/p/c-icap/code/1018/
> 
> Fix multiple problems on parsing ICAP requests. In many cases c-icap may
> crash if a normal ICAP request is not found.

Use CVE-2013-7402 for the chtsanti discoveries, i.e., the other issues
in the pre-r1018 code that made a remote crash possible. This might,
for example, include attack vectors with invalid method names.

There is no CVE ID for the http://sourceforge.net/p/c-icap/code/1021
issue. This seems to be a usability problem that was introduced by the
first version of the security fixes.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJUFwT6AAoJEKllVAevmvmsIoEH/AnEdl+oKCBmSfWw/ixQonyY
pKmh4HF1OTh3AsC1tJ88hbDasvr3ZpvPcmPbFtLoRkB5IgFBrCfiAWMAbp3h3gp8
HyCaaz/im7D+gJuDDf1fxCyCqt8pG+Haffk0QGMAVnmbkCyk4NWMt20OXXj/lV/k
G0sXNLwl3J4f/BdjzcjMISZzq1qYq785epzyDycNKynpYA7z3e1fjesJyZ/wB2T5
O9bkjXRuhmjzbSTxYLAwXURVl4c7BWqJJASPq84UDg+R/pW5y3/OUMRrGJ2t79Rp
bAPDDp3mo47PutGcbKTJsZqg2Lu/UJmxvxk+ximP5VeB4MqFcwZv0tVi4byxPx8=
=WCEN
-----END PGP SIGNATURE-----
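
The bug class behind CVE-2013-7401, as an added illustration (this is not
c-icap's parse_request() and not code from the report; function names,
buffer sizes and the sample request line are invented for the example): a
request-line scanner advances a pointer until it sees ' ' or '?', and a
request containing neither carries the pointer past the end of the buffer.
The unbounded scan is shown beside a length-checked version that reports a
missing delimiter as a malformed request. To observe the overrun without
undefined behaviour, the constructed request is placed at the front of a
larger backing array filled with filler bytes, so the runaway scan stays in
memory the program owns and its stopping offset can be compared with the
request's real length.

```c
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Hypothetical illustration of the bug class described in the report:
 * scanning forward for a delimiter without checking the buffer length.
 * This is NOT c-icap's parse_request(); names and layout are invented. */

/* Vulnerable pattern: advance until ' ' or '?' is seen, trusting that one
 * exists. If the request has neither, the pointer walks off the end of
 * the buffer. Returns the offset at which the scan stopped. */
size_t method_end_unbounded(const char *buf)
{
    const char *end = buf;
    while (*end != ' ' && *end != '?')
        end++;                      /* no bound: keeps going past the buffer */
    return (size_t)(end - buf);
}

/* Hardened pattern: the scan is limited to the len bytes the caller owns.
 * Returns the delimiter offset, or -1 when the request has no delimiter
 * (the caller then rejects it as malformed instead of reading further). */
long method_end_bounded(const char *buf, size_t len)
{
    for (size_t i = 0; i < len; i++) {
        if (buf[i] == ' ' || buf[i] == '?')
            return (long)i;
    }
    return -1;
}

/* Constructed input: an 8-byte "request" with no ' ' or '?' at all. */
#define REQ_LEN 8
#define BACKING 32

/* Runs the unbounded scan on the constructed request. The request sits at
 * the front of a 32-byte backing array of filler bytes with a space as the
 * very last byte, so the overrun is observable (it stops at offset 31, far
 * beyond the 8 bytes that belong to the request) rather than a crash. */
size_t demo_overrun(void)
{
    char backing[BACKING];
    memset(backing, 'X', sizeof backing);   /* stands in for adjacent memory */
    backing[BACKING - 1] = ' ';             /* eventually stops the runaway scan */
    memcpy(backing, "OPTIONSX", REQ_LEN);   /* constructed: no ' ' or '?' */
    return method_end_unbounded(backing);
}

/* Same malformed input through the bounded scan: reported as -1. */
long demo_bounded(void)
{
    char req[REQ_LEN + 1] = "OPTIONSX";
    return method_end_bounded(req, REQ_LEN);
}

/* A well-formed constructed ICAP request line: the method ends at offset 7. */
long demo_bounded_ok(void)
{
    const char req[] = "OPTIONS icap://host/ ICAP/1.0";
    return method_end_bounded(req, sizeof req - 1);
}

int main(void)
{
    printf("unbounded scan stopped at offset %zu (request is %d bytes)\n",
           demo_overrun(), REQ_LEN);
    printf("bounded scan on the same input: %ld\n", demo_bounded());
    printf("bounded scan on a well-formed line: %ld\n", demo_bounded_ok());
    return 0;
}
```

The fix is the caller-supplied length: every forward scan over a network
buffer needs a bound independent of the data, because the absence of a
delimiter is exactly what an attacker controls.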
