Package: apcalc
Version: 2.12.1.5-1
Severity: grave
Tags: security
Justification: user security hole
Hi,
I reported this bug as a security hole just because I found what
seems to be a dangling pointer... I have no idea if it could be
maliciously exploited... so feel free to downgrade its severity if you
can certify otherwise.
The bug can be reproduced by simply calling

    config("mode","XX")

where XX is any non-valid option... for example "Exp". The return
string says:

    Unknown mode "YY"

where YY is some random garbage.
I'm running etch on an AMD64, but I tested this bug in both
chroot i386/etch and chroot amd64/sid, reproducing in both cases.
Thanks!
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (500, 'stable'), (50, 'unstable')
Architecture: amd64 (x86_64)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-4-amd64
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Versions of packages apcalc depends on:
ii apcalc-common 2.12.1.5-1 Arbitrary precision calculator (co
ii libc6 2.3.6.ds1-13 GNU C Library: Shared libraries
ii libncurses5 5.5-5 Shared libraries for terminal hand
ii libreadline5 5.2-2 GNU readline and history libraries
apcalc recommends no packages.
-- no debconf information