Candidate: CVE-2011-4620
PublicDate: 2011-12-31 01:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4620
 http://www.exploit-db.com/exploits/18258/
 http://openwall.com/lists/oss-security/2011/12/21/2
Description:
 Buffer overflow in the ulSetError function in util/ulError.cxx in PLIB
 1.8.5, as used in TORCS 1.3.1 and other products, allows user-assisted
 remote attackers to execute arbitrary code via vectors involving a long
 error message, as demonstrated by a crafted acc file for TORCS. NOTE: some
 of these details are obtained from third party information.
Ubuntu-Description:
Notes:
 tyhicks> The flaw is only in plib, which is used by torcs.
Bugs:
Priority: medium
Discovered-by:
Assigned-to: tyhicks
CVSS: 

Patches_torcs:
upstream_torcs: not-affected (code not present)
hardy_torcs: ignored (reached end-of-life)
lucid_torcs: not-affected (code not present)
maverick_torcs: not-affected (code not present)
natty_torcs: not-affected (code not present)
oneiric_torcs: not-affected (code not present)
devel_torcs: not-affected (code not present)

Patches_plib:
upstream_plib: released (1.8.5-5.2)
hardy_plib: ignored (reached end-of-life)
lucid_plib: released (1.8.5-5+squeeze1build0.10.04.1)
maverick_plib: released (1.8.5-5+squeeze1build0.10.10.1)
natty_plib: released (1.8.5-5+squeeze1build0.11.04.1)
oneiric_plib: released (1.8.5-5+squeeze1build0.11.10.1)
devel_plib: released (1.8.5-5.2)