Red Hat Bugzilla – Bug 527827
CVE-2009-3575 aria2: buffer overflow vulnerability
Last modified: 2010-01-04 11:49:11 EST
Common Vulnerabilities and Exposures assigned an identifier CVE-2009-3575 to
the following vulnerability:
Reference: CONFIRM: https://qa.mandriva.com/show_bug.cgi?id=52840
Reference: URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:226
Reference: URL: http://www.securityfocus.com/bid/36332
Buffer overflow in DHTRoutingTableDeserializer.cc in aria2 0.15.3,
1.2.0, and other versions allows remote attackers to cause a denial of
service (crash) and possibly execute arbitrary code via unknown
The upstream patch to correct this is here:
This issue affects Fedora 10; Fedora 11 and later are new enough that the offending code has already been fixed upstream.
aria2-1.3.1-2.fc10 has been submitted as an update for Fedora 10.
aria2-1.3.1-2.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.