Package: apcalc
Version: 2.12.1.5-1
Severity: grave
Tags: security
Justification: user security hole

Hi,

I reported this bug as a security hole just because I found what seems to be a dangling pointer... I have no idea if it could be maliciously exploited... so feel free to downgrade its severity if you can certify otherwise.

The bug can be reproduced by simply calling config("mode","XX") where XX is any non-valid option... for example "Exp". The return string says: Unknown mode "YY" where YY is some random garbage.

I'm running etch on an AMD64, but I tested this bug in both chroot i386/etch and chroot amd64/sid, reproducing in both cases.

Thanks!

-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable'), (50, 'unstable')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-4-amd64
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages apcalc depends on:
ii  apcalc-common   2.12.1.5-1     Arbitrary precision calculator (co
ii  libc6           2.3.6.ds1-13   GNU C Library: Shared libraries
ii  libncurses5     5.5-5          Shared libraries for terminal hand
ii  libreadline5    5.2-2          GNU readline and history libraries

apcalc recommends no packages.

-- no debconf information