diff options
| author | delphij <delphij@FreeBSD.org> | 2013-07-12 05:28:39 +0800 |
|---|---|---|
| committer | delphij <delphij@FreeBSD.org> | 2013-07-12 05:28:39 +0800 |
| commit | 00300e531c327e4e7297e9e3793fee34a9a9e228 (patch) | |
| tree | d549e09bbda1715d4bfafe871b91141216c16dd5 | |
| parent | 37afbf675ecd52aebdd849d51148ede374993863 (diff) | |
| download | freebsd-ports-gnome-00300e531c327e4e7297e9e3793fee34a9a9e228.tar.gz freebsd-ports-gnome-00300e531c327e4e7297e9e3793fee34a9a9e228.tar.zst freebsd-ports-gnome-00300e531c327e4e7297e9e3793fee34a9a9e228.zip | |
Wrap long lines. No content change.
| -rw-r--r-- | security/vuxml/vuln.xml | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index cc64b6bd7adc..17a197aca716 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -63,9 +63,21 @@ Note: Please add new entries to the beginning of this file. <body xmlns="http://www.w3.org/1999/xhtml"> <p>Mark Dowd reports:</p> <blockquote cite="http://blog.azimuthsecurity.com/2013/06/attacking-crypto-phones-weaknesses-in.html"> - <p>Vulnerability 1. Remote Heap Overflow: If an attacker sends a packet larger than 1024 bytes that gets stored temporarily (which occurs many times - such as when sending a ZRTP Hello packet), a heap overflow will occur, leading to potential arbitrary code execution on the vulnerable host.</p> - <p>Vulnerability 2. Multiple Stack Overflows: ZRTPCPP contains multiple stack overflows that arise when preparing a response to a client's ZRTP Hello packet.</p> - <p>Vulnerability 3. Information Leaking / Out of Bounds Reads: The ZRTPCPP library performs very little validation regarding the expected size of a packet versus the actual amount of data received. This can lead to both information leaking and out of bounds data reads (usually resulting in a crash). Information leaking can be performed for example by sending a malformed ZRTP Ping packet.</p> + <p>Vulnerability 1. Remote Heap Overflow: If an attacker sends a + packet larger than 1024 bytes that gets stored temporarily (which + occurs many times - such as when sending a ZRTP Hello packet), a + heap overflow will occur, leading to potential arbitrary code + execution on the vulnerable host.</p> + <p>Vulnerability 2. Multiple Stack Overflows: ZRTPCPP contains + multiple stack overflows that arise when preparing a response + to a client's ZRTP Hello packet.</p> + <p>Vulnerability 3. Information Leaking / Out of Bounds Reads: + The ZRTPCPP library performs very little validation regarding the + expected size of a packet versus the actual amount of data + received. This can lead to both information leaking and out + of bounds data reads (usually resulting in a crash). + Information leaking can be performed for example by sending + a malformed ZRTP Ping packet.</p> </blockquote> </body> </description> |