oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE Request -- libnids v1.24 -- Null pointer dereference

From: Josh Bressers <bressers () redhat com>
Date: Thu, 1 Apr 2010 15:29:28 -0400 (EDT)
----- "Jan Lieskovsky" <jlieskov () redhat com> wrote:


Hi Steve, vendors,

   libnids upstream has released latest, v1.24 version, addressing
one NULL pointer dereference:

   [1] http://libnids.sourceforge.net/
   [2]
http://freefr.dl.sourceforge.net/project/libnids/libnids/1.24/libnids-1.24.releasenotes.txt

   "v1.24 Mar 14 2010
    - fixed another remotely triggerable NULL dereference in
    ip_fragment.c"

   [3] http://secunia.com/advisories/39225/

Could you allocate a CVE id for it?



Please use CVE-2010-1144

Thanks

-- 
    JB
Previous By Date Next
Previous By Thread Next

Current thread: