oss-sec mailing list archives

Re: CVE Request: w3m does not check null bytes CN/subjAltName

From: Josh Bressers <bressers () redhat com>
Date: Mon, 14 Jun 2010 15:41:03 -0400 (EDT)

Please use CVE-2010-2074 for this.

Thanks.

-- 
    JB


----- "Ludwig Nussel" <ludwig.nussel () suse de> wrote:

Hi,

Yet another occurrence of CVE-2009-2408, this time in w3m. I tried
contacting the w3m developers listed on sourceforge but got no
response. In the default configuration the missing null checks don't
make the situation worse though as w3m doesn't verify certificates
by default ('ssl_verify_server' is off by default). Attached two
patches turn on 'ssl_verify_server' and fix the null handling.

cu
Ludwig

-- 
 (o_   Ludwig Nussel
 //\   
 V_/_  http://www.suse.de/
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)

Current thread:

CVE Request: w3m does not check null bytes CN/subjAltName Ludwig Nussel (Jun 14)
- Re: CVE Request: w3m does not check null bytes CN/subjAltName Josh Bressers (Jun 14)