Buffer overflow in Analog prior to 4.16 allows remote malicious users to execute arbitrary commands by using the ALIAS command to construct large strings.
The author of analog, Stephen Turner, has found a buffer
overflow bug in all versions of analog except of version 416 A malicious
user could use an ALIAS command to construct very long strings which were not
checked for length and boundaries This bug is particularly dangerous if the
form interface (which allows unknown users to run the program v ...