oss-sec mailing list archives
Re: CVE Request : NAS v1.9.3 multiple Vulnerabilites
From: Hamid Zamani <me () hamidx9 ir>
Date: Tue, 10 Sep 2013 03:24:41 +0430
On 09/10/2013 01:18 AM, Florian Weimer wrote:
* Kurt Seifried:Format String please use CVE-2013-4258This was actually fixed in r285, before the report: http://sourceforge.net/mailarchive/forum.php?thread_name=E1Rp1rP-00038Z-VJ%40sfp-svn-6.v30.ch3.sourceforge.com&forum_name=nas-commits In case someone else is wondering why there hasn't been a recent commit fixing a format string issue. :-)
That's right , but as i checked it had been fixed on upstream but packages on distros like Debian, Ubuntu and ... not. So i just reported that in order to update packages. Of course i had to mentioned that as it discussed at radscan mail list. Thanks -- Regards, Hamid Zamani (aka HAMIDx9) Ashiyane Digital Security Team
Current thread:
- CVE Request : NAS v1.9.3 multiple Vulnerabilites Hamid Zamani (Aug 15)
- Re: CVE Request : NAS v1.9.3 multiple Vulnerabilites Kurt Seifried (Aug 19)
- Re: CVE Request : NAS v1.9.3 multiple Vulnerabilites Hamid Zamani (Aug 19)
- Re: CVE Request : NAS v1.9.3 multiple Vulnerabilites Florian Weimer (Sep 09)
- Re: CVE Request : NAS v1.9.3 multiple Vulnerabilites Hamid Zamani (Sep 09)
- Re: CVE Request : NAS v1.9.3 multiple Vulnerabilites Kurt Seifried (Aug 19)