February 2006 report: msg#00015

Subject: February 2006 report
* February 2006 report *

DSA's
=====

none (but there might be one on its way for #352482)

Bugs
====

#353539 metamail: crashes with very long filenames in messages
#353527 mrtg: rateup crashes with long basename
#352482 metamail: crashes with very long boundaries in messages
#352450 snarf: crashes when parsing bad PASV response from server
#352369 buffer overflow in netcat helper program rservice

I've found some more overflows and NULL dereferencing bugs, as you
can see. No special techniques or anything, just ordinary mistakes.

I've included a patch that adds the five bugs to the homepage and moves
around some lines so the sorting will be better.

Metamail could use some more auditing love, as could pavuk (use the CVS
version, the Debian package is old) and sharutils.

// Ulf Harnhammar

Attachment: audit-homepage3.patch
Description: Text document

_______________________________________________
Debian-audit mailing list
Debian-audit@xxxxxxxxxxxxx
http://shellcode.org/mailman/listinfo/debian-audit