Date: Tue, 14 Jul 2015 13:11:52 -0700 From: Seth Arnold <seth.arnold@...onical.com> To: Agostino Sarubbo <ago@...too.org> Cc: oss-security@...ts.openwall.com, cve-assign@...re.org Subject: Re: siege: off-by-one in load_conf() On Tue, Jul 14, 2015 at 09:17:04PM +0200, Agostino Sarubbo wrote: > Description: > Siege is an http load testing and benchmarking utility. > > During the test of a webserver, I hit a segmentation fault. I recompiled > siege with ASan and it clearly show an off-by-one in load_conf(). The issue > is reproducible without passing any arguments to the binary. Does load_conf() process any information from any untrusted sources? Has Siege processed any data from the network at this point? This sounds like a regular bug rather than a security boundary, unless I've misunderstood the application. Thanks Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ