Bugs item #1620701, was opened at 2006-12-22 10:50 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=743020&aid=1620701&group_id=139143
Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: modules Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: Bastian Friedrich (bastian) Assigned to: Nobody/Anonymous (nobody) Summary: Buffer overflow by long lines in permissions Initial Comment: Hi, today a bug in OpenSER was reported on bugtraq (not found by me!): http://www.securityfocus.com/archive/1/455097/30/0/threaded String lengths are not properly checked in parse_expression_list (modules/permissions/parse_config.c) while copying from input variable str (up to 500 chars) to str2 (up to 100 chars). I can reproduce the problem by using a line like ALLLLLLL (500 L's) : ALLLLLLL (another 500 L's) in a permission file. As the configuration file is under administrative control, no security breach is directly implied. Best, Bastian ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=743020&aid=1620701&group_id=139143 _______________________________________________ Devel mailing list [email protected] http://openser.org/cgi-bin/mailman/listinfo/devel
