Bug 272081 (CVE-2007-4629)

Summary: CVE-2007-4629 Buffer overflow via long strings passed to mapserver
Product: [Fedora] Fedora Reporter: Lubomir Kundrak <lkundrak>
Component: mapserverAssignee: Balint Cristian <cbalint>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: low Docs Contact:
Priority: medium    
Version: 7CC: oliver
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: All   
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4629
Whiteboard:
Fixed In Version: 4.10.3-2.fc7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-09-04 22:14:15 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Lubomir Kundrak 2007-08-31 16:19:51 UTC 
Name: CVE-2007-4629
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4629
Final-Decision:
Interim-Decision:
Modified:
Proposed:
Assigned: 20070830
Category:
Reference: CONFIRM:http://mapserver.gis.umn.edu/download/current/HISTORY.TXT/
Reference: CONFIRM:http://trac.osgeo.org/mapserver/ticket/2252
Reference: FRSIRT:ADV-2007-2974
Reference: URL:http://www.frsirt.com/english/advisories/2007/2974

Buffer overflow in the processLine funtion in maptemplate.c in
MapServer before 4.10.3 allows attackers to cause a denial of service
and possibly execute arbitrary code via a mapfile with a long layer
name, group name, or metadata entry name.
Comment 2 Lubomir Kundrak 2007-09-04 16:50:22 UTC 
The fix for this was commited together with fox for bug #256561 and update is
about to be pushed to stable.
Comment 3 Fedora Update System 2007-09-04 22:14:13 UTC 
mapserver-4.10.3-2.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.