FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

remind -- buffer overflow with malicious reminder file input

Affected packages
remind < 3.1.15

Details

VuXML ID b55ecf12-5d98-11e5-9909-002590263bf5
Discovery 2015-07-27
Entry 2015-09-18

Dianne Skoll reports:

BUG FIX: Fix a buffer overflow found by Alexander Keller.

[source]

The bug can be manifested by an extended DUMP command using a system variable (that is a special variable whose name begins with '$')

References

CVE Name CVE-2015-5957
FreeBSD PR ports/202942
URL http://lists.roaringpenguin.com/pipermail/remind-fans/2015/003172.html
URL http://www.openwall.com/lists/oss-security/2015/08/07/1

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.