Florian Weimer
2006-Mar-13 12:28 UTC
[Secure-testing-team] Re: iDEFENSE Security Advisory [IDEF1202] Multiple Vendor wget/curl NTLM Buffer Overflow Vulnerability
* No?l K?the quotes iDEFENSE:>> this issue, it will be publicly released in 60 days on 12/12/2005.Unfortunately, <secure-testing-team@lists.alioth.debian.org> is a public mailing list, so it''s no longer possible to hide this issue.
Moritz Muehlenhoff
2006-Mar-13 12:28 UTC
[Secure-testing-team] Re: iDEFENSE Security Advisory [IDEF1202] Multiple Vendor wget/curl NTLM Buffer Overflow Vulnerability
No?l K?the wrote:> > >> this issue, it will be publicly released in 60 days on 12/12/2005. > > > > Unfortunately, <secure-testing-team@lists.alioth.debian.org> is a > > public mailing list, so it''s no longer possible to hide this issue. > > Its already public from the wget mailinglist from where I''ve got this > info: > > http://www.mail-archive.com/wget%40sunsite.dk/msg08294.html > or > http://article.gmane.org/gmane.comp.web.wget.general/5064 > > A fixed 1.10.2 was released already: > > http://www.mail-archive.com/wget%40sunsite.dk/msg08295.htmlThanks, I''ve filed a bug against curl with a proposed fix derived from wget''s 1.10.2 release. iDefense typically requests CVE assignments for their advisories, so we don''t need to do so ourselves. Cheers, Moritz
Noèl Köthe
2006-Mar-13 12:28 UTC
[Secure-testing-team] Re: iDEFENSE Security Advisory [IDEF1202] Multiple Vendor wget/curl NTLM Buffer Overflow Vulnerability
Am Donnerstag, den 13.10.2005, 12:39 +0200 schrieb Florian Weimer:> * No?l K?the quotes iDEFENSE: > > >> this issue, it will be publicly released in 60 days on 12/12/2005. > > Unfortunately, <secure-testing-team@lists.alioth.debian.org> is a > public mailing list, so it''s no longer possible to hide this issue.Its already public from the wget mailinglist from where I''ve got this info: http://www.mail-archive.com/wget%40sunsite.dk/msg08294.html or http://article.gmane.org/gmane.comp.web.wget.general/5064 A fixed 1.10.2 was released already: http://www.mail-archive.com/wget%40sunsite.dk/msg08295.html -- No?l K?the <noel debian.org> Debian GNU/Linux, www.debian.org -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20051013/2c8d8416/attachment.pgp
Noèl Köthe
2006-Mar-13 12:28 UTC
[Secure-testing-team] Re: iDEFENSE Security Advisory [IDEF1202] Multiple Vendor wget/curl NTLM Buffer Overflow Vulnerability
Hello, FYI from wget: Debian stable doesn''t have this problem because NTLM is a new feature in wget 1.10 (http://svn.dotsrc.org/repo/wget/tags/WGET_1_10_1/NEWS see * Changes in Wget 1.10.) and sarge has 1.9.x It is a problem in etch/sid. Until now no reaction from upstream. Am Mittwoch, den 12.10.2005, 16:15 -0400 schrieb vendor-disclosure:> iDEFENSE has identified an NTLM Buffer Overflow Vulnerability in > wget/curl. This vulnerability was submitted to iDEFENSE through our > Vulnerability Contributor Program: > > http://www.idefense.com/poi/teams/vcp.jsp > > iDEFENSE Labs has validated this vulnerability and has drafted the > attached advisory. In accordance with our vendor disclosure policy > > http://www.idefense.com/legal_disclosure.jsp > > We would request that you acknowledge receipt of this initial > notification within five business days so that we may begin the process > of coordinating an appropriate public disclosure date for this issue > that will provide your company with adequate time to develop a patch or > workaround to mitigate this vulnerability. If you have questions > regarding this issue or require further details to assist with your own > analysis, please do not hesitate to contact us. > > It is always our goal to coordinate on the public disclosure of > patches/advisories as quickly as possible after a vulnerability is > discovered. If however a reasonable timeframe cannot be agreed upon for > this issue, it will be publicly released in 60 days on 12/12/2005. > iDEFENSE is willing to work with a vendor to find a mutually agreeable > release date beyond this timeframe so long as the vendor continues to > make good faith efforts to produce patches in a timely fashion and > regularly informs iDEFENSE of their progress in doing so. > > Please note that if the affected product is included within other > applications and/or operating systems, iDEFENSE will not be coordinating > disclosure of the vulnerability to affected third parties. We would ask > that you handle this coordination separately. > > Regards, > Michael Sutton > > Michael Sutton > Director, iDEFENSE Labs > iDEFENSE > 1875 Campus Commons Drive, Suite 210 > Reston, VA 20191 > direct: 703.480.5628 > voice: 703.390.1230 > fax: 703.390.9456 > msutton@idefense.com > www.idefense.com-- No?l K?the <noel debian.org> Debian GNU/Linux, www.debian.org -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20051013/407e51bc/attachment.pgp