Red Hat Bugzilla – Bug 146779
CAN-2005-0211 Buffer overflow in WCCP recvfrom() call
Last modified: 2014-08-31 19:27:15 EDT
*** This bug has been split off bug 146777 ***
------- Original comment by Josh Bressers (Security Response Team) on 2005.02.01
The length argument of the WCCP recvfrom() call is larger than it should be. An
attacker may send a larger-than-normal WCCP packet and overflow a buffer.
The upstream patch for this issue can be found here:
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.