Bug #515010 reported by peter on 2010-01-31
This bug affects 1 person
Affects Status Importance Assigned to Milestone
net-tools (Ubuntu)

Bug Description

Binary package hint: ubuntuone-client

Buffer overflow in probably the arp deamon, stracktrace is included.

root@ubuntu:/home/ubuntu# arp -s 00:16:b6:5d:a3:90 -i wlan0 -D
*** buffer overflow detected ***: arp terminated

ProblemType: Bug
.home.ronin..cache.ubuntuone.log.oauth.login.log: Starting Ubuntu One client version 1.0.2
 show_applet = 1
 connected = True
 connect = 0
 bookmarked = True
Architecture: i386
Date: Sun Jan 31 07:33:32 2010
DistroRelease: Ubuntu 9.10
InstallationMedia: Ubuntu 9.10 "Karmic Koala" - Release i386 (20091028.5)
NonfreeKernelModules: nls_iso8859_1 nls_cp437 vfat fat usb_storage ipt_LOG xt_limit xt_state sha256_generic xt_pknock iptable_rawpost ipt_set ipt_SET ip_set_nethash ip_set_macipmap ip_set_iptree ip_set_portmap ip_set xt_hl xt_HL xt_string xt_psd xt_lscan xt_length2 xt_ipv4options xt_iface xt_geoip xt_fuzzy xt_condition xt_TEE sha1_generic xt_SYSRQ xt_STEAL xt_RAWNAT ip6_tables xt_LOGMARK xt_IPMARK xt_DHCPMAC xt_DELUDE xt_TARPIT ipt_REJECT xt_tcpudp xt_CHAOS compat_xtables iptable_mangle iptable_nat nf_nat nf_conntrack_ipv4 nf_conntrack nf_defrag_ipv4 nvidia cbc binfmt_misc aes_i586 aes_generic ppdev ipt_ULOG dm_crypt snd_via82xx gameport snd_mpu401_uart snd_seq_dummy arc4 snd_via82xx_modem snd_seq_oss snd_seq_midi snd_ac97_codec ecb iptable_filter snd_rawmidi snd_seq_midi_event ip_tables ac97_bus rt61pci x_tables snd_pcm_oss snd_seq snd_mixer_oss snd_seq_device snd_pcm crc_itu_t snd_timer snd_page_alloc rt2x00pci i2c_viapro snd rt2x00lib soundcore input_polldev rtl8187 mac80211 shpchp led_class eeprom_93cx6 cfg80211 psmouse serio_raw lp parport skge sata_via via_agp agpgart
Package: ubuntuone-client 1.0.2-0ubuntu2
PackageArchitecture: all
ProcVersionSignature: Ubuntu 2.6.31-17.54-generic
SourcePackage: ubuntuone-client
Uname: Linux 2.6.31-17-generic i686

Related branches

peter (peter-centho-harmsen) wrote :
affects: ubuntuone-client (Ubuntu) → net-tools (Ubuntu)
Changed in net-tools (Ubuntu):
status: New → Confirmed
Changed in net-tools (Ubuntu):
importance: Undecided → Low
Kees Cook (kees) on 2010-02-11
security vulnerability: yes → no
visibility: private → public
description: updated
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package net-tools - 1.60-23ubuntu2

net-tools (1.60-23ubuntu2) lucid; urgency=low

  * Add debian/patches/Bug#569509-iface_overflow.patch: do not crash with
    oversized iface arguemnt when using -D (LP: #515010, Debian bug 569509).
 -- Kees Cook <email address hidden> Thu, 11 Feb 2010 16:27:16 -0800

Changed in net-tools (Ubuntu):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers