FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

ident2 double byte buffer overflow

Affected packages
ident2 <= 1.04

Details

VuXML ID 99230277-8fb4-11d8-8b29-0020ed76ef5a
Discovery 2004-04-15
Entry 2004-04-23

Jack of RaptureSecurity reported a double byte buffer overflow in ident2. The bug may allow a remote attacker to execute arbitrary code within the context of the ident2 daemon. The daemon typically runs as user-ID `nobody', but with group-ID `wheel'.

References

CVE Name CVE-2004-0408
URL http://cvsweb.freebsd.org/ports/security/ident2/files/patch-common.c