Buffer overflow in gsec [CORE2928] #3311

Closed
firebird-issue-importer opened this issue Mar 17, 2010 · 4 comments

@firebird-issue-importer

Submitted by: @AlexPeshkoff

For unknown reasons, gsec code copies the value of the password hash to the internal user data structure during the display operation. Since Fb2.0 (when the hash became much longer than in 1.X) the buffer used for the password is not long enough. This is not a security problem, because the hash value never travels anywhere any more. This also can't cause any harm, because right after the password field there are the first, middle and last names, which are filled right after the password. This is not exploitable. But anyway, let's fix it, especially taking into account that this BOF is detected by fresh versions of glibc.

Commits: 9c9db87 d854a54 522fa7f bbc3b37
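
The class of bug described in the report above, as an added example that is not Firebird's code: a fixed password field followed by the name fields, the number of bytes an unchecked copy would spill into the next field, and a bounded copy that refuses the oversized value instead. The struct layout, field sizes, function names and the sample hash string are all assumptions made up for this illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
/* Hypothetical layout and sizes, NOT Firebird's real structure: a fixed
   password field followed directly by the name fields. */
#define PW_LEN   32
#define NAME_LEN 32
struct user_rec {
    char password[PW_LEN];
    char first_name[NAME_LEN];
    char middle_name[NAME_LEN];
    char last_name[NAME_LEN];
};
/* Constructed 40-character stand-in for a hash longer than the field. */
static const char SAMPLE_HASH[] = "0123456789abcdef0123456789abcdef01234567";

/* Bytes an unchecked strcpy() would write past a dst_size field (0 if it fits). */
size_t spill_bytes(const char *src, size_t dst_size)
{
    size_t need = strlen(src) + 1;            /* include the NUL */
    return need > dst_size ? need - dst_size : 0;
}

/* Bounded copy: 0 on success, -1 if src does not fit (dst left empty). */
int copy_field(char *dst, size_t dst_size, const char *src)
{
    size_t len = strlen(src);
    if (dst_size == 0) return -1;
    if (len >= dst_size) { dst[0] = '\0'; return -1; }
    memcpy(dst, src, len + 1);
    return 0;
}

/* Fill a record for display; an oversized hash is refused, not spilled. */
int fill_for_display(struct user_rec *u, const char *hash, const char *first)
{
    memset(u, 0, sizeof *u);
    int rc = copy_field(u->password, sizeof u->password, hash);
    if (copy_field(u->first_name, sizeof u->first_name, first) != 0) rc = -1;
    return rc;
}

int main(void)
{
    struct user_rec u;
    printf("spill=%zu rc=%d\n", spill_bytes(SAMPLE_HASH, PW_LEN),
           fill_for_display(&u, SAMPLE_HASH, "Jane"));
    return 0;
}
```

Building the unchecked variant with `-D_FORTIFY_SOURCE=2 -O2` is how glibc catches this kind of overflow at run time, which matches the detection the report mentions.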


@firebird-issue-importer firebird-issue-importer commented Mar 17, 2010

Modified by: @AlexPeshkoff

assignee: Alexander Peshkov [ alexpeshkoff ]


@firebird-issue-importer firebird-issue-importer commented Mar 17, 2010

Modified by: @AlexPeshkoff

status: Open [ 1 ] => Resolved [ 5 ]

resolution: Fixed [ 1 ]

Fix Version: 2.0.6 [ 10303 ]

Fix Version: 2.5 RC3 [ 10381 ]

Fix Version: 2.1.4 [ 10361 ]

Fix Version: 3.0 Alpha 1 [ 10331 ]


@firebird-issue-importer firebird-issue-importer commented Feb 4, 2011

Modified by: @pcisar

status: Resolved [ 5 ] => Closed [ 6 ]


@firebird-issue-importer firebird-issue-importer commented Jul 28, 2015

Modified by: @pavel-zotov

status: Closed [ 6 ] => Closed [ 6 ]

QA Status: Cannot be tested
