thr3ads.net - Secure testing team - [Secure-testing-team] Bug#504121: dns2tcp: Buffer overflow in dns

If this information is useful, please help other people find it:
Share via:

Twitter
Facebook
Email

Arnaud Cornet

2008-Oct-31 18:25 UTC

[Secure-testing-team] Bug#504121: dns2tcp: Buffer overflow in dns_decode.c

Package: dns2tcp
Version: 0.4.dfsg-3
Severity: grave
Tags: security
Justification: user security hole

dns_decode.c contains a security flaw fixed in 0.4.2.

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, ''unstable''), (1,
''experimental'')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.26-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages dns2tcp depends on:
ii  libc6                         2.7-15     GNU C Library: Shared libraries

dns2tcp recommends no packages.

dns2tcp suggests no packages.

-- no debconf information

Secure testing team - Oct 2008 - Bug#504121: dns2tcp: Buffer overflow in dns_decode.c

[Secure-testing-team] Bug#504121: dns2tcp: Buffer overflow in dns_decode.c