oss-sec mailing list archives

Re: CVE id request: op

From: "Steven M. Christey" <coley () linus mitre org>
Date: Fri, 18 Jul 2008 11:48:34 -0400 (EDT)


======================================================
Name: CVE-2008-3229
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3229
Reference: MLIST:[oss-security] 20080712 CVE id request: op
Reference: URL:http://www.openwall.com/lists/oss-security/2008/07/12/4
Reference: CONFIRM:http://swapoff.org/changeset/563

Stack-based buffer overflow in op before Changeset 563, when xauth
support is enabled, allows local users to gain privileges via a long
XAUTHORITY environment variable.

Current thread:

CVE id request: op Nico Golde (Jul 12)
- Re: CVE id request: op Steven M. Christey (Jul 18)