Red Hat Bugzilla – Bug 859002
CVE-2012-4436 fwknop (client): Buffer overflow by --last command line argument by processing of a specially-crafted ~/.fwknop.run
Last modified: 2012-09-20 07:01:49 EDT
A buffer overflow flaw, potentially leading to an out-of-bounds write to a heap-based buffer, has been corrected in the upstream 2.0.3 version of fwknop (from upstream Changelog at ):
4) [client] Fernando Arnaboldi from IOActive found a local buffer overflow in --last processing with a maliciously constructed ~/.fwknop.run file. This has been fixed with proper validation of .fwknop.run arguments.
Relevant upstream patch:
This issue affects the versions of the fwknop package as shipped with Rawhide and Fedora release 17. Please schedule an update.
This issue did NOT affect the version of the fwknop package as shipped with Fedora release 16 (as it is still the Perl-based implementation).
Created fwknop tracking bugs for this issue
Affects: fedora-rawhide [bug 859006]
Affects: fedora-17 [bug 859007]
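The changelog entry above attributes the fix to validation of the arguments read back from .fwknop.run. The following C example is added here for illustration and is not the upstream patch or fwknop's own code; it shows the kind of count and length checks such validation needs before saved arguments are copied into fixed-size storage. It assumes one line of whitespace-separated arguments, and the function name and both limits are hypothetical.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MAX_SAVED_ARGS    8   /* hypothetical cap on argument count */
#define MAX_SAVED_ARG_LEN 32  /* hypothetical cap per argument, incl. NUL */

/* Split one line of a saved-arguments file into fixed-size slots.
 * Returns the argument count, or -1 if the line exceeds either limit.
 * Each token is measured before it is copied, so no slot is overrun. */
int parse_saved_args(const char *line,
                     char out[MAX_SAVED_ARGS][MAX_SAVED_ARG_LEN])
{
    int argc = 0;
    const char *p = line;

    while (*p != '\0') {
        /* skip separators (spaces, tabs, trailing newline) */
        while (*p != '\0' && isspace((unsigned char)*p))
            p++;
        if (*p == '\0')
            break;

        /* find the end of the token without writing anything yet */
        const char *start = p;
        while (*p != '\0' && !isspace((unsigned char)*p))
            p++;
        size_t len = (size_t)(p - start);

        if (argc >= MAX_SAVED_ARGS) return -1;    /* too many arguments */
        if (len >= MAX_SAVED_ARG_LEN) return -1;  /* argument too long */

        memcpy(out[argc], start, len);
        out[argc][len] = '\0';
        argc++;
    }
    return argc;
}

int main(void)
{
    char argv_new[MAX_SAVED_ARGS][MAX_SAVED_ARG_LEN];
    /* constructed sample line, not taken from a real run file */
    int n = parse_saved_args("fwknop -A tcp/22 -D host.example\n", argv_new);
    printf("parsed %d arguments\n", n);
    return n < 0;
}
```

A caller should treat a -1 return as a corrupt or tampered run file and refuse to reuse it rather than truncating the arguments.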