A buffer overflow flaw, potentially leading to a heap-based out-of-bounds buffer write, has been corrected in the upstream 2.0.3 version of fwknop (from the upstream Changelog at [1]):

4) [client] Fernando Arnaboldi from IOActive found a local buffer overflow in --last processing with a maliciously constructed ~/.fwknop.run file. This has been fixed with proper validation of .fwknop.run arguments.

References:
[1] http://www.cipherdyne.org/blog/categories/software-releases.html
[2] http://secunia.com/advisories/50522/
[3] http://www.openwall.com/lists/oss-security/2012/09/20/4

Relevant upstream patch:
[4] http://www.cipherdyne.org/cgi-bin/gitweb.cgi?p=fwknop.git;a=commitdiff;h=a60f05ad44e824f6230b22f8976399340cb535dc
This issue affects the versions of the fwknop package as shipped with Fedora Rawhide and Fedora release 17. Please schedule an update.

--

This issue did NOT affect the version of the fwknop package as shipped with Fedora release 16 (as it is still a Perl-based implementation).
Created fwknop tracking bugs for this issue

Affects: fedora-rawhide [bug 859006]
Affects: fedora-17 [bug 859007]
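An added example, not taken from the fwknop source or from this report: one way to validate arguments read back from a saved-arguments file such as ~/.fwknop.run before copying them into fixed-size buffers. The function name, the limits and the sample line are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Assumed limits for this example, not fwknop's real values. */
#define MAX_SAVED_ARGS 16
#define MAX_ARG_LEN    64
#define MAX_LINE_LEN   512
#define IS_SEP(c) ((c) == ' ' || (c) == '\t' || (c) == '\n')

/* Split one saved command line into out[][]. Returns the argument count,
 * or -1 if the line breaks any limit. Every length is checked before the
 * copy, so an oversized token or over-long list cannot write past out[]. */
int parse_saved_args(const char *line, char out[MAX_SAVED_ARGS][MAX_ARG_LEN])
{
    size_t len = 0, i = 0, start;
    int argc = 0;

    while (line[len] != '\0')              /* bounded length scan */
        if (++len > MAX_LINE_LEN)
            return -1;
    while (i < len) {
        while (i < len && IS_SEP(line[i])) /* skip separators */
            i++;
        if (i == len)
            break;
        for (start = i; i < len && !IS_SEP(line[i]); i++)
            if (!isprint((unsigned char)line[i]))
                return -1;                 /* reject control bytes */
        if (i - start >= MAX_ARG_LEN)      /* token plus NUL must fit */
            return -1;
        if (argc >= MAX_SAVED_ARGS)        /* too many arguments */
            return -1;
        memcpy(out[argc], line + start, i - start);
        out[argc][i - start] = '\0';
        argc++;
    }
    return argc > 0 ? argc : -1;
}

int main(void)
{
    char args[MAX_SAVED_ARGS][MAX_ARG_LEN];
    /* Constructed sample line, not a real ~/.fwknop.run entry. */
    int n = parse_saved_args("fwknop -A tcp/22 -D 192.0.2.10\n", args);
    printf("parsed %d saved arguments\n", n);
    return n < 0;
}
```

A caller should treat -1 as "ignore the saved file" rather than attempting to use a partially parsed argument list.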