Date: Thu, 18 Jun 2015 13:03:01 -0400 (EDT) From: cve-assign@...re.org To: vkaigoro@...hat.com Cc: cve-assign@...re.org, oss-security@...ts.openwall.com Subject: Re: CVE request: pure-ftpd denial of service in glob_() -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > Version 1.0.40 of pure-FTPd > NEWS file: > - The process handling a user session could be crashed by trying to > match a file pattern longer than the maximum length for a path. This > has been fixed. > https://github.com/jedisct1/pure-ftpd/commit/0627004e23a24108785dc1506c5767392b90f807 Can you clarify the security impact? We have not looked into the code paths or the overall product design. Is this a process that is specific to one FTP client? Is the problem that the gl_errfunc assignment doesn't occur and there is always a dereference of a NULL function pointer? Is there a commonly relevant consequence other than the ability of an FTP client to conduct a DoS attack against its own session? - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJVgvkkAAoJEKllVAevmvmsAHgH/js/rXSJfKmyb+7VLsgYnzPz +DRUjQ4h/Nza0ZvBUuWub3JMaqWgLq+YCXZKVHUPmdyz+i7oXYPHyEZzvGVedVHi djzSqdAh8sU6lN5oG7yShjlHTIDnDr+MJDvU4gjnsLxTuEGGDkUeZzwUXyOJgO9f hCFSFSRFe6pMrOIuaPIwO/opLX0qG+c8E2IZbR5bXCq8mKVVLxs9/rl9juBGtGeo oUwK9E+NktAnRCsRhtGnxCl37teIePbmuj+MLuIvQysf2xjfIJvi1FQ5GeuVDcN6 U4nv9rx7VIAy1EWPoWlAo66YKaSyOv1RIAc3cVu/lHkYfwQA54F/KR+k1Lbfge0= =1/Mw -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.