Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

-icshost buffer overflow

Related Vulnerabilities: CVE-2004-2552  

Source

Debian Bug report logs - #343560
-icshost buffer overflow

version graph

Package: xboard; Maintainer for xboard is Debian Games Team <pkg-games-devel@lists.alioth.debian.org>; Source for xboard is src:xboard (PTS, buildd, popcon).

Reported by: Joey Hess <joeyh@debian.org>

Date: Fri, 16 Dec 2005 03:33:02 UTC

Severity: normal

Found in version xboard/4.2.7-2

Fixed in version xboard/4.2.7-3

Done: Florian Ernst <florian@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to debian-bugs-dist@lists.debian.org, Florian Ernst <florian@debian.org>:
Bug#343560; Package xboard. (full text, mbox, link).

Acknowledgement sent to Joey Hess <joeyh@debian.org>:
New Bug report received and forwarded. Copy sent to Florian Ernst <florian@debian.org>. (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Joey Hess <joeyh@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: -icshost buffer overflow
Date: Thu, 15 Dec 2005 22:31:06 -0500
[Message part 1 (text/plain, inline)]
Package: xboard
Version: 4.2.7-2
Severity: normal

Long -icshost prameters can crash xboard:

joey@dragon:~/tmp>xboard -ics -icshost $(perl -e 'print "a" x 1000')
zsh: segmentation fault  xboard -ics -icshost $(perl -e 'print "a" x 1000')

This bug is tracked as a security hole in CVE-2004-2552
(http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2552), but
I'm not tagging the bug as a security hole since there is no known
attack vector as xboard is not suid and is not normally called by programs
with a different set of permissions.

So I filed this bug just for completness; there's no reason not to fix
the buffer overflow anyway.

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.4.27
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages xboard depends on:
ii  libc6                    2.3.5-8.1       GNU C Library: Shared libraries an
ii  libice6                  6.8.2.dfsg.1-11 Inter-Client Exchange library
ii  libsm6                   6.8.2.dfsg.1-11 X Window System Session Management
ii  libx11-6                 6.8.2.dfsg.1-11 X Window System protocol client li
ii  libxext6                 6.8.2.dfsg.1-11 X Window System miscellaneous exte
ii  libxmu6                  6.8.2.dfsg.1-11 X Window System miscellaneous util
ii  libxpm4                  6.8.2.dfsg.1-11 X pixmap library
ii  libxt6                   6.8.2.dfsg.1-11 X Toolkit Intrinsics
ii  xaw3dg                   1.5+E-9         Xaw3d widget set
ii  xlibs                    6.8.2.dfsg.1-11 X Window System client libraries m

Versions of packages xboard recommends:
ii  xfonts-100dpi            6.8.2.dfsg.1-11 100 dpi fonts for X
ii  xfonts-75dpi             6.8.2.dfsg.1-11 75 dpi fonts for X

-- no debconf information

-- 
see shy jo

[signature.asc (application/pgp-signature, inline)]

Information stored:
Bug#343560; Package xboard. (full text, mbox, link).

Acknowledgement sent to Florian Ernst <florian@uni-hd.de>:
Extra info received and filed, but not forwarded. (full text, mbox, link).

Message #10 received at 343560-quiet@bugs.debian.org (full text, mbox, reply):

From: Florian Ernst <florian@uni-hd.de>
To: Joey Hess <joeyh@debian.org>
Cc: 343560-quiet@bugs.debian.org
Subject: Re: Bug#343560: -icshost buffer overflow
Date: Fri, 16 Dec 2005 10:45:29 +0100
[Message part 1 (text/plain, inline)]
Hello Joey,

thanks a lot for the report.

On Thu, Dec 15, 2005 at 10:31:06PM -0500, Joey Hess wrote:
> Long -icshost prameters can crash xboard:
> [...]
> This bug is tracked as a security hole in CVE-2004-2552
> (http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2552), but
> I'm not tagging the bug as a security hole since there is no known
> attack vector as xboard is not suid and is not normally called by programs
> with a different set of permissions.

I'll look into it this evening, hopefully uploading a fixed version.

Cheers,
Flo

[signature.asc (application/pgp-signature, inline)]

Reply sent to Florian Ernst <florian@debian.org>:
You have taken responsibility. (full text, mbox, link).

Notification sent to Joey Hess <joeyh@debian.org>:
Bug acknowledged by developer. (full text, mbox, link).

Message #15 received at 343560-close@bugs.debian.org (full text, mbox, reply):

From: Florian Ernst <florian@debian.org>
To: 343560-close@bugs.debian.org
Subject: Bug#343560: fixed in xboard 4.2.7-3
Date: Fri, 16 Dec 2005 13:47:45 -0800
Source: xboard
Source-Version: 4.2.7-3

We believe that the bug you reported is fixed in the latest version of
xboard, which is due to be installed in the Debian FTP archive:

xboard_4.2.7-3.diff.gz
  to pool/main/x/xboard/xboard_4.2.7-3.diff.gz
xboard_4.2.7-3.dsc
  to pool/main/x/xboard/xboard_4.2.7-3.dsc
xboard_4.2.7-3_i386.deb
  to pool/main/x/xboard/xboard_4.2.7-3_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 343560@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Florian Ernst <florian@debian.org> (supplier of updated xboard package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri, 16 Dec 2005 22:25:34 +0100
Source: xboard
Binary: xboard
Architecture: source i386
Version: 4.2.7-3
Distribution: unstable
Urgency: low
Maintainer: Florian Ernst <florian@debian.org>
Changed-By: Florian Ernst <florian@debian.org>
Description: 
 xboard     - An X Window System Chess Board
Closes: 343560
Changes: 
 xboard (4.2.7-3) unstable; urgency=low
 .
   * Fix -icshost buffer overflow (Closes: #343560)
   * Too many independent multi-file patches, so now moving to dpatch
Files: 
 b17b270b0829b594f69c5e1ebd737fcc 601 games optional xboard_4.2.7-3.dsc
 c4beb999a96b48eaea40c924f47adae5 11489 games optional xboard_4.2.7-3.diff.gz
 9ab76d0d88bd87c8a8e74d9b3117089d 520626 games optional xboard_4.2.7-3_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDozJfs3U+TVFLPnwRAjGgAJ0bPfFil5KnB5D5BNMjMIewZb9tVQCeOvLM
vBBvvpun4enUTkpKY4YRUt4=
=gWSA
-----END PGP SIGNATURE-----

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Tue, 26 Jun 2007 02:29:16 GMT) (full text, mbox, link).

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 18:31:10 2019; Machine Name: beach

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started