Hosting Provided By

CVS: cvs.openbsd.org: ports

From: Brad Smith <brad(at)cvs.openbsd.org>
Date: Fri Jul 18 2003 - 21:14:02 EDT

CVSROOT:	/cvs
Module name:	ports
Changes by:	brad@cvs.openbsd.org	2003/07/18 19:14:01

Modified files:
	net/ucd-snmp   : Tag: OPENBSD_3_3 Makefile 
Added files:
	net/ucd-snmp/patches: Tag: OPENBSD_3_3 
	                      patch-apps_snmpnetstat_if_c

Log message:
A remote heap overflow was discovered in snmpnetstat by Axioma Security Research. When a list of interfaces is requested, a malicious server can return information in a way that will cause a heap overflow in snmpnetstat.

A remote atacker able to control a snmp server can exploit this vulnerability to execute arbitrary code with the privileges of the user running snmpnetstat.

http://marc.theaimsgroup.com/?l=bugtraq&m=101008893718720&w=2 Received on Fri Jul 18 21:32:42 2003

This message: [ Message body ]
Next message: Brad Smith: "CVS: cvs.openbsd.org: ports"
Previous message: Brad Smith: "CVS: cvs.openbsd.org: ports"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 13:46:03 EDT