Bug#801872: dc3dd: buffer overflow
Eriberto Mota
eriberto at debian.org
Mon Nov 30 00:09:18 UTC 2015
Hi Henri,
I agree with you.
Regards,
Eriberto
2015-10-15 10:32 GMT-03:00 Henri Salo <henri at nerv.fi>:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Package: dc3dd
> Version: 7.2.641-3
> Severity: normal
> Tags: security
>
> Buffer overflow issue was announced in Bugtraq[1] with proof-of-concept:
>
> dc3dd `perl -e 'print "A" x 90000'`
>
> The tool is not supposed to be executed with this kind of input so this seems to
> be minor issue. Please correct me if I am wrong. I am submitting this bug so
> that we can track the issue and make changes if needed.
>
> 1: http://seclists.org/bugtraq/2015/Oct/71
>
> - --
> Henri Salo
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.12 (GNU/Linux)
>
> iQIcBAEBAgAGBQJWH6r3AAoJECet96ROqnV0QcAQAK9EtS7IsUPly2CVVz2SeIo9
> o/u88X5FAlwhS8WPe1ByWeIorO0hOzMfIY1kVZRV3bMBW79GLD1CFBZt8+/yn+0T
> rbVu4sI3hOUnr5hRo+NINO8vUIsYSNoe380qeHvysSRO0NNxC+anOVK585sH3N6z
> BuKkAuPR7VmBPjuHsTXMdy8meRSQVp45kcfPth7ROklQRLSlLKFk7qKWsVFVLjPS
> a72u758tD1ZoqtFO2GlkywXWvJlhoBoHwUDyrTJ0wXy05QeYj/RVy18thehqV0lX
> oUoSjh8fO+1vscaTMYHbKlt/fuB4mXOYuaox4QX03BJQmuEO028j/VYAqe7fvZKe
> a7XWBK0D1TEZi2vHv9adOZRbVmJAS0oznW3Tjox1Zj42vvesUPXW7yP87BJPX0UV
> r3HShG+P8iuwMUO+CSFu6Bs/qHsMxRPRicObdII9yRlNEyH+zrl0zwS9vi75FhSR
> XYru9kB6whRmuEtdQ/zfZpj0kYn6kvzeGZFy0cq7XpHNn93wfNGLE8QENM96Mi4c
> 8MFos7uu3rQyXfzRd8Ch6jb93m+YflCFhNvKXZI5qsXKwr1kKIWNdoHmU/1nczT0
> MdE9nKrHCNDFDZdGwU+KXYzXfBAmsJJt3MuwPsBtD3UkW5ijxNzy9Q3w1HT/tBoB
> neNrPLKlCJxZenZkrV9I
> =xQYd
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> forensics-devel mailing list
> forensics-devel at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel
More information about the forensics-devel
mailing list