[CVE-2008-2363] Heap overflow in PartsBatch class via .nzb files
Bug #238089 reported by Till Ulen
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| pan | Fix Released | Critical | | |
| pan (Fedora) | Fix Released | High | | |
| pan (Gentoo Linux) | Fix Released | Medium | | |
| pan (Ubuntu) | Fix Released | Low | Unassigned | |
| Hardy | Fix Released | Undecided | Unassigned | |
| Intrepid | Fix Released | Undecided | Unassigned | |
| Jaunty | Fix Released | Undecided | Unassigned | |
| Karmic | Fix Released | Low | Unassigned | |
Bug Description
Binary package hint: pan
CVE-2008-2363 description:
"The PartsBatch class in Pan 0.132 and earlier does not properly manage the data structures for Parts batches, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted .nzb file that triggers a heap-based buffer overflow."
http://
http://
Changed in pan:
status: Unknown → In Progress
status: Unknown → Confirmed
Changed in pan:
status: Unknown → New
Changed in pan:
status: New → Fix Released
Changed in pan:
status: In Progress → Fix Released
Changed in pan (Ubuntu):
importance: Undecided → Low
Changed in pan:
importance: Unknown → Critical
Changed in pan (Gentoo Linux):
importance: Unknown → Medium
Changed in pan (Fedora):
importance: Unknown → High
status: Confirmed → Fix Released
Description of problem:
Version-Release number of selected component (if applicable):
pan-0.132-2.fc8.x86_64
How reproducible:
Always
Steps to Reproduce:
Start pan from the command line
Actual results:
pan: parts.cc:244: void pan::Parts::set_parts(const pan::PartBatch&): Assertion `pch == part_mid_buf + part_mid_buf_len' failed.
Aborted
Expected results:
PAN starts
Additional info: