Package: libdumb Severity: serious Tags: security -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
CVE-2006-3668: "Heap-based buffer overflow in the it_read_envelope function in Dynamic Universal Music Bibliotheque (DUMB) 0.9.3 and earlier, and current CVS as of 20060716, allows user-complicit attackers to execute arbitrary code via a ".it" (Impulse Tracker) file with an enveloper with a large number of nodes." There is a proof-of-concept expoit [1] in the original advisory [2]. I have not verified the issue. Sarge is probably vulnerable. I do not see an upstream patch, but the original advisory suggests that the issue will be fixed in the next version. Please mention the CVE in your changelog. Thanks, Alec [1] http://aluigi.org/poc/dumbit.zip [2] http://aluigi.altervista.org/adv/dumbit-adv.txt -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFEwAMzAud/2YgchcQRAnROAKCAbMTcW5DcUY9cNysbNEC1cgKznQCgxeZU bHCS1r8WWutRKUbCIaRRHw8= =26dP -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
