Integer overflow in the fts_build function in fts.c in libc in (1) OpenBSD 4.4 and previous versions and (2) Microsoft Interix 6.0 build 10.0.6030.0 allows context-dependent malicious users to cause a denial of service (application crash) via a deep directory tree, related to the fts_level structure member, as demonstrated by (a) du, (b) rm, (c) chmod, and (d) chgrp on OpenBSD; and (e) SearchIndexer.exe on Vista Enterprise.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openbsd openbsd 4.1 |
||
openbsd openbsd 3.7 |
||
openbsd openbsd 2.8 |
||
openbsd openbsd 3.8 |
||
openbsd openbsd |
||
openbsd openbsd 3.1 |
||
openbsd openbsd 3.3 |
||
openbsd openbsd 2.9 |
||
openbsd openbsd 2.1 |
||
openbsd openbsd 2.2 |
||
openbsd openbsd 3.9 |
||
openbsd openbsd 2.0 |
||
openbsd openbsd 2.7 |
||
openbsd openbsd 3.2 |
||
openbsd openbsd 2.4 |
||
openbsd openbsd 4.2 |
||
openbsd openbsd 3.6 |
||
openbsd openbsd 3.0 |
||
openbsd openbsd 4.0 |
||
openbsd openbsd 3.5 |
||
microsoft interix 6.0 |
||
openbsd openbsd 2.6 |
||
openbsd openbsd 4.3 |
||
openbsd openbsd 2.5 |
||
openbsd openbsd 2.3 |
||
openbsd openbsd 3.4 |