Date: Sun, 8 Apr 2007 01:05:57 GMT
From: Jeff Forsythe <tornandfilthy2006@yahoo.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: misc/111365: CVE-2007-1719 - mcweject buffer overflow
Message-ID: <200704080105.l3815vaU033395@www.freebsd.org>
Resent-Message-ID: <200704080120.l381K1Pe084854@freefall.freebsd.org>
>Number:         111365
>Category:       misc
>Synopsis:       CVE-2007-1719 - mcweject buffer overflow
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Apr 08 01:20:01 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator:     Jeff Forsythe
>Release:        6.2
>Organization:
>Environment:
>Description:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1719

Buffer overflow in eject.c in Jason W. Bacon mcweject 0.9 on FreeBSD, and possibly other versions, allows local users to execute arbitrary code via a long command line argument, possibly involving the device name.

----

Didn't see any bug reports or responses from FreeBSD, thought I'd check if this was known, and if a fix is in place.
>How-To-Repeat:
Exploit: http://milw0rm.com/exploits/3578
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200704080105.l3815vaU033395>
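
The class of fix this report asks about, as an added example that is not part of the original message and is not mcweject's code: a length-checked way to turn a command-line device argument into a path, rejecting over-long input instead of copying it into a fixed buffer. The function names, the 64-byte buffer size and the "/dev/" prefix handling are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

#define DEV_PATH_MAX 64 /* assumed size; not taken from eject.c */

/*
 * Build the device path for an untrusted command-line argument.
 * A bare name ("cd0") gets "/dev/" prepended; an absolute path is copied.
 * Returns 0 on success, -1 with errno set if the argument is rejected.
 */
int build_device_path(const char *arg, char *out, size_t outlen)
{
    int n;

    if (arg == NULL || arg[0] == '\0' || out == NULL || outlen == 0) {
        errno = EINVAL;
        return -1;
    }
    /* snprintf never writes more than outlen bytes, unlike strcpy/sprintf. */
    if (arg[0] == '/')
        n = snprintf(out, outlen, "%s", arg);
    else
        n = snprintf(out, outlen, "/dev/%s", arg);
    /* n >= outlen means truncation: reject the argument rather than
     * operate on a shortened, different device path. */
    if (n < 0 || (size_t)n >= outlen) {
        out[0] = '\0';
        errno = ENAMETOOLONG;
        return -1;
    }
    return 0;
}

/* Constructed input: a 4096-byte argument, far larger than the buffer. */
int check_oversized_argument(void)
{
    char path[DEV_PATH_MAX], arg[4097];

    memset(arg, 'A', sizeof(arg) - 1);
    arg[sizeof(arg) - 1] = '\0';
    return build_device_path(arg, path, sizeof(path));
}

int main(int argc, char **argv)
{
    char path[DEV_PATH_MAX];

    if (argc != 2 || build_device_path(argv[1], path, sizeof(path)) != 0) {
        fprintf(stderr, "device argument missing or too long\n");
        return 1;
    }
    printf("would open %s\n", path);
    return 0;
}
```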