Red Hat Bugzilla – Bug 146778
CAN-2005-0211 Buffer overflow in WCCP recvfrom() call
Last modified: 2014-08-31 19:27:15 EDT
*** This bug has been split off bug 146777 ***
------- Original comment by Josh Bressers (Security Response Team) on 2005.02.01
The length argument of the WCCP recvfrom() call is larger than it should be. An
attacker may send a larger-than-normal WCCP packet and overflow a buffer.
The upstream patch for this issue can be found here:
This issue should also affect FC2.