Potential integer underflow in remote code #9201
Labels
module/remote
reporter/operations
type/bug/vulnerability
Exploitable vulnerability
type/bug
Something isn't working
Milestone
Hello team,
After checking the remote code, we observed something that should be reviewed because it could incur an integer underflow. Specifically here: https://github.com/wazuh/wazuh/blob/master/src/remoted/secure.c#L77
After defining the size, and depending on the input value, the following can have a lower value: https://github.com/wazuh/wazuh/blob/master/src/remoted/secure.c#L477 For instance, with a buffer of
!1234!Reported by Johannes Segitz of SUSE
Regards,
Miguel Casares
The text was updated successfully, but these errors were encountered: