Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Thu, 12 Jan 2017 21:47:13 -0500
From: <cve-assign@...re.org>
To: <ailin.nemui@...il.com>
CC: <cve-assign@...re.org>, <oss-security@...ts.openwall.com>
Subject: Re: CVE Request: Irssi out of bounds read in format string

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> - Printing the value %[ leads to oob read
> https://blog.fuzzing-project.org/55-Fuzzing-Irssi-with-Perl-Scripts.html

Use CVE-2017-5356.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYeD88AAoJEHb/MwWLVhi2li0P/2G3s2BZ1aKfD6AE6RL9S1nz
DGFt6rX1OpYLBLsq0+C/6a4w8WN1Rih6LmlADwzDb6E93TY8eyfaF2jCPg5VUL1I
ZMLsAFL7WkrfJKiMItoYPDr6eKzXH1SCsuukaNFmuVCpxJS+cWuaQJKI0/Y+wrEo
zFRLTLWkx02EvicjwgdJ5+oWtp9PEpgjiAFD5fYkMG/PHWUyQIt1CYo4vTh3uvY3
m/z1ur0Eh35WSPFpxHMbUmMIi1fzVohcJTGvbXmR+EWwfRmudENrVPSFdUgCZAmh
0uQa+5it6eYPaorz67Hv9zUtEcNUzcibk/cepfNpY/rWWqJb7M2Wtg88J0YBysSS
C39Dnd6v06/2RkyZGWga8N9TF5UIty2Oljhyjrmfkw9p/ko7DJoS+F8SmDR32qtO
fB1YrhVXoXvZRj108vdtipl46w2xWL5+yP8fHTqZjRnEMRUrI308MrfjWW4UGyMi
ebLCN0uWtTXMC0TQCbXIhVNnDFhQlBRTpcxlWtuc6GDjvVCCBIWjFVB8jHUUIVBO
B+L+CQtcVoFmxz1470iodzHVjWIR7lagJp6KxaaSKQcMU+5Q2djHLw6nVuxsHC6y
o1t8u8SHXiLQSqyGImTuy/Ntvj4+yXABy5jzT2Y7XlS7dXhoSG9hu7PPsxGxIA6w
qNa+XrGe0DuQj87/bXYO
=ARuT
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.