Bug 25079 - analog < 4.16 has buffer overflow (possible exploit via forms)
Summary: analog < 4.16 has buffer overflow (possible exploit via forms)
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-ports (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2001-02-13 23:50 UTC by Christopher K Davis
Modified: 2001-02-17 13:01 UTC (History)
0 users

See Also:

Attachments
file.diff (4.99 KB, patch)
2001-02-13 23:50 UTC, Christopher K Davis 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Christopher K Davis 2001-02-13 23:50:01 UTC 
        http://www.analog.cx/security2.html 
 
"There is a buffer overflow bug in all versions of analog released 
prior to today. A malicious user could use an ALIAS command to 
construct very long strings which were not checked for length. 
 
This bug is particularly dangerous if the form interface (which allows 
unknown users to run the program via a CGI script) has been installed. 
 
This bug was discovered by the program author, and there is no known 
exploit. However, users are advised to upgrade to one of the two safe 
versions immediately, especially if they have installed the form 
interface."

Fix: Upgrade port to 4.16 (currently 4.11) using patch below.
 
This can also close out PR ports/25011 which was a patch to upgrade this
port to analog 4.15.  This patch is identical to the one supplied there 
modulo the Makefile and distinfo changes. 
How-To-Repeat: 
No known exploit...yet.   (Bug found by progam author.)
Comment 1 Michael Haro freebsd_committer freebsd_triage 2001-02-17 13:00:40 UTC 
State Changed
From-To: open->closed

committed, thanks