Date: Mon, 14 Jun 2010 16:20:29 -0400 (EDT) From: "Steven M. Christey" <coley@...us.mitre.org> To: Josh Bressers <bressers@...hat.com> cc: oss-security@...ts.openwall.com Subject: Re: CVE request: UnrealIRCd 220.127.116.11 source code contained a backdoor allowing for remote command execution On Mon, 14 Jun 2010, Josh Bressers wrote: > Can you give this one a 2009 ID. Use CVE-2009-4893 - Steve > ----- "Alex Legler" <a3li@...too.org> wrote: > >> On Sat, 12 Jun 2010 19:10:48 +0200, Alex Legler <a3li@...too.org> >> wrote: >> >>> [blah] >> >> While we're at it... >> >> http://www.unrealircd.com/txt/unrealsecadvisory.20090413.txt >> >> "A buffer in the code which handles user authorization is copied >> without >> sufficient length checks, causing a buffer overflow.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.