Enhanced CTorrent / Bugs / #14 Exploitable buffer overflow v3.3.2

#14 Exploitable buffer overflow v3.3.2

Status: closed-fixed

Owner: nobody

Labels: Client (14)

Priority: 7

Updated: 2009-05-02

Created: 2009-04-28

Creator: Pete

Private: No

An exploitable buffer overflow has been announced by Michael Brooks in the btFiles::BuildFromMI function. See http://www.securityfocus.com/bid/34584/info for further information.

Discussion

Pete - 2009-04-28

priority: 5 --> 7
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

dholmes999 - 2009-04-30

buffer overflow patch

2782875.diff

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

dholmes999 - 2009-04-30

Thanks... this is now fixed in subversion r302 and scheduled for release 3.3.3.
A patch for just the buffer overflow issue is also attached to this record.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

dholmes999 - 2009-04-30

status: open --> open-fixed
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

dholmes999 - 2009-05-02

status: open-fixed --> closed-fixed
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Exploitable buffer overflow v3.3.2

Group

Searches

Help

#14 Exploitable buffer overflow v3.3.2

Discussion