FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- glob(3) related resource exhaustion

Affected packages
7.4 < FreeBSD < 7.4_12
8.3 < FreeBSD < 8.3_6
9.0 < FreeBSD < 9.0_6
9.1 < FreeBSD < 9.1_1

Details

VuXML ID 3c90e093-7c6e-11e2-809b-6c626d99876c
Discovery 2013-02-19
Entry 2013-02-21

Problem description:

GLOB_LIMIT is supposed to limit the number of paths to prevent against memory or CPU attacks. The implementation however is insufficient.

References

CVE Name CVE-2010-2632
FreeBSD Advisory SA-13:02.libc