diff options
| author | naddy <naddy@FreeBSD.org> | 2005-01-12 06:18:33 +0800 |
|---|---|---|
| committer | naddy <naddy@FreeBSD.org> | 2005-01-12 06:18:33 +0800 |
| commit | a90c203a3ce8700e3e9e3be9b473322a10bc615a (patch) | |
| tree | a96063183a579af4b896b1f49e37fef6e8225f40 /security | |
| parent | fcace81eb6f965f6b6b98bfa36a109d0112fc9bd (diff) | |
| download | freebsd-ports-gnome-a90c203a3ce8700e3e9e3be9b473322a10bc615a.tar.gz freebsd-ports-gnome-a90c203a3ce8700e3e9e3be9b473322a10bc615a.tar.zst freebsd-ports-gnome-a90c203a3ce8700e3e9e3be9b473322a10bc615a.zip | |
Document xshisen buffer overflows.
Diffstat (limited to 'security')
| -rw-r--r-- | security/vuxml/vuln.xml | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 6fa113d476e2..5b75c3b5b95a 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -32,6 +32,33 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="56971fa6-641c-11d9-a097-000854d03344"> + <topic>xshisen -- local buffer overflows</topic> + <affects> + <package> + <name>xshisen</name> + <range><lt>1.36_1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Steve Kemp has found buffer overflows in the handling + of the command line flag -KCONV and the XSHISENLIB environment + variable. Ulf Härnhammer has detected an unbounded copy from + the GECOS field to a char array. All overflows can be exploited + to gain group games privileges.</p> + </body> + </description> + <references> + <url>http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=213957</url> + <url>http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=289784</url> + </references> + <dates> + <discovery>2005-01-11</discovery> + <entry>2005-01-11</entry> + </dates> + </vuln> + <vuln vid="0cf3480d-5fdf-11d9-b721-00065be4b5b6"> <topic>helvis -- arbitrary file deletion problem</topic> <affects> |