Date: Tue, 14 Jul 2015 13:11:52 -0700 From: Seth Arnold <seth.arnold@...onical.com> To: Agostino Sarubbo <ago@...too.org> Cc: oss-security@...ts.openwall.com, cve-assign@...re.org Subject: Re: siege: off-by-one in load_conf() On Tue, Jul 14, 2015 at 09:17:04PM +0200, Agostino Sarubbo wrote: > Description: > Siege is an http load testing and benchmarking utility. > > During the test of a webserver, I hit a segmentation fault. I recompiled > siege with ASan and it clearly show an off-by-one in load_conf(). The issue > is reproducible without passing any arguments to the binary. Does load_conf() process any information from any untrusted sources? Has Siege processed any data from the network at this point? This sounds like a regular bug rather than a security boundary, unless I've misunderstood the application. Thanks Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.