Bug 170670
Summary: | CAN-2005-3185 NTLM buffer overflow | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Josh Bressers <bressers> |
Component: | wget | Assignee: | Karsten Hopp <karsten> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | medium | ||
Version: | 4 | Keywords: | Security |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://article.gmane.org/gmane.comp.web.wget.general/5064 | ||
Whiteboard: | reported=20051012,public=20051012,impact=important,source=vendorsec | ||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2005-10-19 13:35:54 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Josh Bressers
2005-10-13 17:32:01 UTC
This issue also affects FC3 On Fedora Core 4 this is not a security issue; wget is compiled using -D_FORTIFY_SOURCE=2 which catches and blocks this issue. Therefore on Fedora Core 4 this can only result in the program being aborted, which is not classed as a security issue. Please make a note of this in the advisory of any FC4 update to wget. From User-Agent: XML-RPC wget-1.10.2-0.fc4 has been pushed for FC4, which should resolve this issue. If these problems are still present in this version, then please make note of it in this bug report. |