CVE
- Id
- 2850
- CVE No.
- CVE-2001-0029
- Status
- Candidate
- Description
- Buffer overflow in oops WWW proxy server 1.4.6 (and possibly other versions) allows remote attackers to execute arbitrary commands via a long host or domain name that is obtained from a reverse DNS lookup.
- Phase
- Modified (20020222-01)
- Votes
- ACCEPT(2) Baker, Cole | MODIFY(1) Frech | NOOP(3) Christey, Wall, Ziese
- Comments
- Frech> XF:oops-dns-bo(6122) | Christey> This looks like a different overflow than the one described | in the original post at: | http://archives.neohapsis.com/archives/bugtraq/2000-12/0127.html | The vendor does acknowledge *that* problem in the 1.5.0 | comments of | http://zipper.paco.net/~igor/oops/ChangeLog | Christey> Vendor fixed this problem between 1.4.22 and 1.5.5, based | on a source code comparison. | CD:SF-LOC says that bugs of the same type, that appear in | different versions, must be SPLIT. Therefore this should | stay separate from CVE-2001-0028. | | Change MISC to CONFIRM. The comments for version 1.5.4 | say "more sprintf/strncpy fixes" and that"s the type of | changes that were made in lib.c, the code that was listed | in the Bugtraq post for this CAN.
