oss-sec mailing list archives
mmsclient: CVE request
From: Stefan Behte <Stefan.Behte () gmx net>
Date: Thu, 10 Dec 2009 21:43:04 +0100
Hello, Harald van Dijk reported a buffer overflow in mmsclient in client.c to Gentoo security (https://bugs.gentoo.org/show_bug.cgi?id=263413): Line 28: #define BUF_SIZE 102400 Line 470: char data[1024]; Line 551: len = read (s, data, BUF_SIZE) ; In a different Gentoo bug about the issue (http://bugs.gentoo.org/show_bug.cgi?id=284747), Florian Streibelt noticed: the reason for all this is in client.c: 31 #define BUF_SIZE 102400 [...] 473 char data[1024]; [...] 575 len = read (s, data, BUF_SIZE) ; [...] 586 len = read (s, data, BUF_SIZE) ; There might lurk more overflows in the (non-maintained) code. Can I get a CVE for the issue? Thanks, Stefan Behte
Current thread:
- mmsclient: CVE request Stefan Behte (Dec 10)