Candidate: CVE-2012-4415
PublicDate: 2012-10-01 03:26:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4415
 http://guac-dev.org/trac/changeset/7dcefa744b4a38825619c00ae8b47e5bae6e38c0/libguac
Description:
 Stack-based buffer overflow in the guac_client_plugin_open function in
 libguac in Guacamole before 0.6.3 allows remote attackers to cause a denial
 of service (crash) or execute arbitrary code via a long protocol name.
Ubuntu-Description:
Notes:
 sbeattie> looks to be stack-based overflow
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_libguac:
upstream_libguac: released (0.6.0-2)
hardy_libguac: DNE
lucid_libguac: DNE
natty_libguac: DNE
oneiric_libguac: DNE
precise_libguac: ignored (reached end-of-life)
precise/esm_libguac: DNE (precise was needed)
quantal_libguac: ignored (reached end-of-life)
raring_libguac: ignored (reached end-of-life)
saucy_libguac: ignored (reached end-of-life)
trusty_libguac: not-affected (0.6.0-2)
trusty/esm_libguac: DNE (trusty was not-affected [0.6.0-2])
utopic_libguac: ignored (reached end-of-life)
vivid_libguac: ignored (reached end-of-life)
vivid/stable-phone-overlay_libguac: DNE
vivid/ubuntu-core_libguac: DNE
wily_libguac: not-affected (0.6.0-2)
xenial_libguac: DNE
yakkety_libguac: DNE
zesty_libguac: DNE
devel_libguac: DNE

Patches_guacamole-server:
upstream_guacamole-server: needs-triage
precise_guacamole-server: DNE
precise/esm_guacamole-server: DNE
trusty_guacamole-server: not-affected (0.6.0-2)
trusty/esm_guacamole-server: DNE (trusty was not-affected [0.6.0-2])
utopic_guacamole-server: ignored (reached end-of-life)
vivid_guacamole-server: ignored (reached end-of-life)
vivid/stable-phone-overlay_guacamole-server: DNE
vivid/ubuntu-core_guacamole-server: DNE
wily_guacamole-server: not-affected (0.6.0-2)
xenial_guacamole-server: not-affected (0.6.0-2)
yakkety_guacamole-server: not-affected (0.6.0-2)
zesty_guacamole-server: not-affected (0.6.0-2)
devel_guacamole-server: not-affected (0.6.0-2)