Candidate: CVE-2012-4436
PublicDate: 2012-10-22 23:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4436
 http://seclists.org/oss-sec/2012/q3/509
Description:
 Buffer overflow in the run_last_args function in client/fwknop.c in fwknop
 before 2.0.3, when processing --last, might allow local users to cause a
 denial of service (client crash) and possibly execute arbitrary code via
 many .fwknop.run arguments.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688151
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_fwknop:
 vendor: http://www.cipherdyne.org/cgi-bin/gitweb.cgi?p=fwknop.git;a=commitdiff;h=a60f05ad44e824f6230b22f8976399340cb535dc
upstream_fwknop: released (2.0.3-1)
hardy_fwknop: DNE
lucid_fwknop: ignored (reached end-of-life)
natty_fwknop: ignored (reached end-of-life)
oneiric_fwknop: ignored (reached end-of-life)
precise_fwknop: ignored (reached end-of-life)
precise/esm_fwknop: DNE (precise was needs-triage)
quantal_fwknop: ignored (reached end-of-life)
raring_fwknop: ignored (reached end-of-life)
saucy_fwknop: ignored (reached end-of-life)
trusty_fwknop: not-affected (2.6.0-2)
trusty/esm_fwknop: DNE (trusty was not-affected [2.6.0-2])
utopic_fwknop: ignored (reached end-of-life)
vivid_fwknop: ignored (reached end-of-life)
vivid/stable-phone-overlay_fwknop: DNE
vivid/ubuntu-core_fwknop: DNE
wily_fwknop: ignored (reached end-of-life)
xenial_fwknop: not-affected (2.6.0-2)
yakkety_fwknop: ignored (reached end-of-life)
zesty_fwknop: ignored (reached end-of-life)
artful_fwknop: ignored (reached end-of-life)
bionic_fwknop: not-affected (2.6.0-2)
cosmic_fwknop: not-affected (2.6.0-2)
devel_fwknop: not-affected (2.6.0-2)