oss-sec mailing list archives
Re: CVE Request: PLIB 1.8.5 ssg/ssgParser.cxx Buffer Overflow
From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 29 Oct 2012 13:41:38 -0600
On 10/29/2012 01:02 PM, Andrés Gómez Ramírez wrote:
Sorry for the previous message, it was not intentional :)
Thanks.
Hi,

Could a CVE be assigned to this issue?

Name: PLIB 1.8.5 ssg/ssgParser.cxx Buffer Overflow
Software: PLIB 1.8.5
Software link: http://plib.sourceforge.net/
Vulnerability Type: Stack Based Buffer overflow

References:
http://www.exploit-db.com/exploits/21831/
http://www.securityfocus.com/bid/55839

Vulnerability Details:

Plib is prone to stack based Buffer overflow in the error function in ssg/ssgParser.cxx when it loads 3d model files as X (Direct x), ASC, ASE, ATG, and OFF, if a very long error message is passed to the function, in line 68:

    // Output an error
    void _ssgParser::error( const char *format, ... )
    {
      char msgbuff[ 255 ];
      va_list argp;

      char* msgptr = msgbuff;
      if (linenum)
      {
        msgptr += sprintf ( msgptr,"%s, line %d: ", path, linenum );
      }

      va_start( argp, format );
    68  vsprintf( msgptr, format, argp );
      va_end( argp );

      ulSetError ( UL_WARNING, "%s", msgbuff ) ;
    }

Thanks,
Andres Gomez.
Please use CVE-2012-4552 for this issue.

-- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
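Added example, not part of the original messages and not PLIB's own code: a bounded counterpart of the quoted error() in C, using snprintf/vsnprintf so that neither the path prefix nor the formatted message can write past the 255-byte buffer, and reporting truncation to the caller. The name format_parser_error, the file name model.ase and the oversized token are assumptions constructed for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define MSGBUFF_SIZE 255 /* same size as msgbuff in the quoted function */

/* Hypothetical bounded counterpart of the quoted error(): writes
 * "<path>, line <n>: <message>" into out[outsz] and never past it.
 * Returns 0 if everything fit, 1 if truncated, -1 on a format error. */
int format_parser_error(char *out, size_t outsz, const char *path,
                        int linenum, const char *format, ...)
{
    size_t used = 0;
    va_list argp;
    int n;
    if (outsz == 0)
        return -1;
    out[0] = '\0';

    if (linenum) {
        /* snprintf returns the length it wanted to write, which can
         * exceed the space available when path is long. */
        n = snprintf(out, outsz, "%s, line %d: ", path, linenum);
        if (n < 0)
            return -1;
        if ((size_t)n >= outsz)
            return 1; /* the prefix alone was truncated */
        used = (size_t)n;
    }

    va_start(argp, format);
    n = vsnprintf(out + used, outsz - used, format, argp);
    va_end(argp);
    if (n < 0)
        return -1;
    return (size_t)n >= outsz - used ? 1 : 0;
}

int main(void)
{
    char msgbuff[MSGBUFF_SIZE];
    char longtok[1024]; /* constructed oversized token */
    memset(longtok, 'A', sizeof longtok - 1);
    longtok[sizeof longtok - 1] = '\0';
    int t = format_parser_error(msgbuff, sizeof msgbuff, "model.ase", 12,
                                "unexpected token '%s'", longtok);
    printf("truncated=%d len=%zu\n", t, strlen(msgbuff));
    return 0;
}
```

A return value of 1 lets the caller record that the diagnostic was cut short rather than losing the tail silently.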
Current thread:
- CVE Request: PLIB 1.8.5 ssg/ssgParser.cxx Buffer Overflow Andres Gomez (Oct 29)
- Re: CVE Request: PLIB 1.8.5 ssg/ssgParser.cxx Buffer Overflow Kurt Seifried (Oct 29)
- <Possible follow-ups>
- CVE Request: PLIB 1.8.5 ssg/ssgParser.cxx Buffer Overflow Andrés Gómez Ramírez (Oct 29)
- Re: CVE Request: PLIB 1.8.5 ssg/ssgParser.cxx Buffer Overflow Kurt Seifried (Oct 29)
- Re: CVE Request: PLIB 1.8.5 ssg/ssgParser.cxx Buffer Overflow Vincent Danen (Oct 29)
- Re: CVE Request: PLIB 1.8.5 ssg/ssgParser.cxx Buffer Overflow Andrés Gómez Ramírez (Oct 29)
- Re: CVE Request: PLIB 1.8.5 ssg/ssgParser.cxx Buffer Overflow Vincent Danen (Oct 31)