Re: CVE request: echoping buffer overflow vulnerabilities

[Kurt Seifried <kseifried () redhat com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 10/17/2013 05:18 AM, Sergey Popov wrote:
> Echoping 6.0.2 and before contains several buffer overflow 
> vulnerabilities that can lead to execution of arbitrary code on
> the system or cause the application to crash.
>
> Bug report in Gentoo: 
> https://bugs.gentoo.org/show_bug.cgi?id=349569
>
> Some additional info: http://xforce.iss.net/xforce/xfdb/64141 
> http://secunia.com/advisories/42619/
>
> Issue is fixed in upstream[1], but no release yet.
>
> Please assign a CVE for this, thanks.
>
> [1] - http://sourceforge.net/p/echoping/bugs/55/

Please use CVE-2013-4448 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)

iQIcBAEBAgAGBQJSYgwGAAoJEBYNRVNeJnmT86gP/A91wAw4i9j63pkwI01+7fxJ
FUiG9SvzA4IUEqyLInwzPq2UbldWfU4i62N9oPq968qxOAPN11XGK1L+OYeuvOXy
TQ7ZYo2l9CcLXqeAW4noyjHV3axZoL8zr+Sb2JQlZpRyUUqJ5Re5xVxSxtIMs4cS
Ydznh700chkCOXFZoT0IRO87Fr6Pe0aAcHZksfpfS0n+ceEALYgcrs0BSm0DBP6r
a3T8JxludZXEghBPtSwCBMuSyq9XTOuqY/MNQOrdzc5e/0bSLPw6JQhHUnAujVJy
tXyqj7LSVHsyX8PdX+BQbIqUFq52tm9//UUNKx0IO7w1RaPOj+oIl3DN2V2UPlWG
8eXvZJB282UIWWsm8nYtrQSiXCgutrvEYHvjUK8sS3/sUIpB/vQ1alV69VzSjv4w
8d1QwgOl10sYLMo8w6OZl3KfVgMbi3ZbDSgBqVwlRDYknBa76QYYh6Je+4/T+MJd
rVAmvj7i3jKWZjmlyzq1TxEmH3ERVRQ1SZz7y4SQDjZlGfEvt6L7yjc+gPwkKpJS
ihIuPtuWK39QjpbbO7cskdGT5clAFVCd0vC9cK0xN03FyjuNGng+zVOn2Sqx9Fz9
l1BNBtutzcVwbfDnKc2O5raMT6U/MjQxxe91JAISiwfhXGUV4qZWxzIYOexwfCOM
OelKbGrUeMaE6Vz0LK1x
=hN9J
-----END PGP SIGNATURE-----