FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Buffer overflow in INN control message handling

Affected packages
2.4.* <= inn < 2.4.1
inn-stable < 20031022_1

Details

VuXML ID fd376b8b-41e1-11d8-b096-0020ed76ef5a
Discovery 2004-01-07
Entry 2004-01-08
Modified 2004-10-21

A small, fixed-size stack buffer is used to construct a filename based on a received control message. This could result in a stack buffer overflow.

References

Message 87d69v7222.fsf@windlord.stanford.edu