FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

greed -- insecure GRX file processing

Affected packages
greed <= 0.81p


VuXML ID bd579366-5290-11d9-ac20-00065be4b5b6
Discovery 2004-12-15
Entry 2005-01-03
Modified 2005-01-13

A buffer overflow vulnerability has been detected in the greed URL handling code. This bug is a particular problem when greed is used to process GRX (GetRight) files that originate from untrusted sources.

The bug finder, Manigandan Radhakrishnan, gave the following description:

Here are the bugs. First, in main.c, DownloadLoop() uses strcat() to copy an input filename to the end of a 128-byte COMMAND array. Second, DownloadLoop() passes the input filename to system() without checking for special characters such as semicolons.
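
A hardened form of the two patterns described above, as an added example that is not greed's code or the fix its maintainers shipped. `build_command()` and `run_helper()` are hypothetical names, the 128-byte size is taken from the description, and the helper program is assumed to accept `--` as an end-of-options marker.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define COMMAND_SIZE 128 /* size the description gives for COMMAND */

/* Bounded replacement for strcat(): 0 on success, -1 when prefix + name
 * does not fit in out[outlen]. The caller rejects the input; no truncation. */
int build_command(char *out, size_t outlen, const char *prefix, const char *name)
{
    int n = snprintf(out, outlen, "%s%s", prefix, name);
    if (n < 0 || (size_t)n >= outlen) {
        if (outlen > 0)
            out[0] = '\0';
        return -1;
    }
    return 0;
}

/* Replacement for system(): the name is passed as one argv element and no
 * shell parses it, so ';' and other metacharacters stay literal bytes.
 * Returns the helper's exit status, or -1 on fork/wait failure or a signal. */
int run_helper(const char *helper, const char *name)
{
    int status;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        execlp(helper, helper, "--", name, (char *)NULL);
        _exit(127); /* exec failed */
    }
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    char cmd[COMMAND_SIZE], longname[200];
    memset(longname, 'A', sizeof longname - 1); /* constructed oversized name */
    longname[sizeof longname - 1] = '\0';
    printf("short: %d\n", build_command(cmd, sizeof cmd, "helper ", "file.zip"));
    printf("long:  %d\n", build_command(cmd, sizeof cmd, "helper ", longname));
    printf("exit:  %d\n", run_helper("true", "x; false")); /* ';' not interpreted */
    return 0;
}
```

When the helper is run through `execlp()`, the command string is no longer needed at all; `build_command()` is shown for code that must keep a fixed-size buffer for other reasons.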


CVE Name CVE-2004-1273
CVE Name CVE-2004-1274