[Pkg-cups-devel] Bug#457453: cupsys: CVE-2007-5849 stack-based buffer overflow leading to code execution in SNMP back-end
Nico Golde
nion at debian.org
Sat Dec 22 14:29:27 UTC 2007
Package: cupsys
Version: 1.2.7-4etch1
Severity: grave
Tags: security patch
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for cupsys.
CVE-2007-5849[0]:
| Integer underflow in the asn1_get_string function in the SNMP back end
| for CUPS allows remote attackers to execute arbitrary code via a
| crafted SNMP response that triggers a stack-based buffer overflow.
I attached a patch which fixes this problem.
Sarge is not affected by this as the SNMP backend was
introduced later.
If you fix this vulnerability please also include the CVE id
in your changelog entry.
For further information:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5849
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CVE-2007-5849.patch
Type: text/x-diff
Size: 1017 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-cups-devel/attachments/20071222/6f6d0bcd/attachment.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-cups-devel/attachments/20071222/6f6d0bcd/attachment.pgp
More information about the Pkg-cups-devel
mailing list