Menu
▾
▴
[Libdkim-discuss] Buffer Overflow foudn in Libdkimtest
|
From: Joshua R. <meg...@gm...> - 2014-10-30 13:00:49
|
Hi guys,
I've identified a buffer overflow in the 'libdkimtest' which can result
in execution of arbitrary commands, etc. I'm sure you guys know.
Reproducer is: libdkimtest -i`perl -e 'print "a"x256'`
Vulnerable code is libdkimtest.cpp:
> case 'i': // identity
> if( argv[n][2] == '-' )
> {
> opts.szIdentity[0] = '\0';
> }
> else
> {
> *strcpy( opts.szIdentity,
> argv[n] + 2 );*
> }
> break;
>
Could I get a CVE-ID for this?
Thanks,
--
-- Joshua Rogers <https://internot.info/>
|
