oss-sec mailing list archives

Re: CVE request: bip buffer overflow

From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 24 Jan 2012 13:41:51 -0700

On 01/24/2012 02:41 AM, Luciano Bello wrote:

Hi there,
        Please, assign a CVE ID for the following vulnerability in bip 
(http://bip.t1r.net): https://projects.duckcorp.org/issues/269

The patch can be found here: 
https://projects.duckcorp.org/projects/bip/repository/revisions/222a33cb84a2e52ad55a88900b7895bf9dd0262c

This bug is present in 0.8.8 and previous versions and, according to reporter, 
remote execution of code should be possible.

Thanks,

/luciano


Excellent CVE request. Please use CVE-2012-0806 for this issue.

-- 

--

-- Kurt Seifried / Red Hat Security Response Team

Current thread:

CVE request: bip buffer overflow Luciano Bello (Jan 24)
- Re: CVE request: bip buffer overflow Kurt Seifried (Jan 24)