Date: Wed, 2 Jul 2008 02:03:36 +0200 From: Robert Buchholz <rbu@...too.org> To: oss-security@...ts.openwall.com Cc: "Steven M. Christey" <coley@...us.mitre.org> Subject: Re: Two remote DoS issues in linuxdcpp On Tuesday 01 July 2008, Steven M. Christey wrote: > ====================================================== > Name: CVE-2008-2953 > Status: Candidate > URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2953 > Reference: > CONFIRM:http://sourceforge.net/project/shownotes.php?release_id=60861 >2&group_id=40287 Reference: > CONFIRM:http://cvs.berlios.de/cgi-bin/viewcvs.cgi/linuxdcpp/linuxdcpp >/client/ShareManager.cpp.diff?r1=1.14&r2=1.15&sortby=date Reference: > SECUNIA:30812 > Reference: URL:http://secunia.com/advisories/30812 > > Linux DC++ (linuxdcpp) before 0.707 allows remote attackers to cause > a denial of service (crash) via "partial file list requests" that > trigger a NULL pointer dereference. That Secunia advisory is actually for the Windows version of DC++, which has a different versioning. I think you might want to expand that in the description. Robert Download attachment "signature.asc " of type "application/pgp-signature" (836 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.