FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libspf2 -- Buffer overflow

Affected packages
libspf2 < 1.2.8


VuXML ID 2ddbfd29-a455-11dd-a55e-00163e000016
Discovery 2008-10-21
Entry 2008-10-27

CVE reports:

Heap-based buffer overflow in the SPF_dns_resolv_lookup function in Spf_dns_resolv.c in libspf2 before 1.2.8 allows remote attackers to execute arbitrary code via a long DNS TXT record with a modified length field.


Bugtraq ID 31881
CVE Name CVE-2008-2469