Bug 859002 (CVE-2012-4436) - CVE-2012-4436 fwknop (client): Buffer overflow by --last command line argument by processing of a specially-crafted ~/.fwknop.run
Summary: CVE-2012-4436 fwknop (client): Buffer overflow by --last command line argumen...
Alias: CVE-2012-4436
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
Depends On: 859006 859007
Reported: 2012-09-20 10:50 UTC by Jan Lieskovsky
Modified: 2021-10-19 21:57 UTC (History)

Fixed In Version: fwknop 2.0.3
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2021-10-19 21:57:21 UTC


Description Jan Lieskovsky 2012-09-20 10:50:24 UTC
A buffer overflow flaw, potentially leading to an out-of-bounds heap-based buffer write, has been corrected in the upstream 2.0.3 version of fwknop (from the upstream Changelog at [1]):
4) [client] Fernando Arnaboldi from IOActive found a local buffer overflow in --last processing with a maliciously constructed ~/.fwknop.run file. This has been fixed with proper validation of .fwknop.run arguments.

[1] http://www.cipherdyne.org/blog/categories/software-releases.html
[2] http://secunia.com/advisories/50522/
[3] http://www.openwall.com/lists/oss-security/2012/09/20/4

Relevant upstream patch:
[4] http://www.cipherdyne.org/cgi-bin/gitweb.cgi?p=fwknop.git;a=commitdiff;h=a60f05ad44e824f6230b22f8976399340cb535dc
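The changelog entry above describes the fix only as "proper validation of .fwknop.run arguments". As an added illustration, not fwknop's own code, here is the shape such validation takes in C: a saved argument line is copied into a fixed argv table only after each token's length and the token count have been checked against the table's limits. The MAX_ARGS and MAX_ARG_LEN values and the whitespace-separated file layout are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>

/* Constructed limits for this example; fwknop's real buffer sizes are not given here. */
#define MAX_ARGS    32
#define MAX_ARG_LEN 64

/* Tokenize one saved argument line (assumed whitespace-separated, the way a
 * ~/.fwknop.run-style file might store the last command line) into a fixed
 * argv table. Every length is checked before the copy: a token that would not
 * fit its slot, or more tokens than slots, rejects the whole line (-1) instead
 * of writing past the end of the table. Returns argc on success. */
int load_saved_args(const char *line, char argv[MAX_ARGS][MAX_ARG_LEN])
{
    int argc = 0;
    const char *p = line;
    while (*p != '\0') {
        while (*p == ' ' || *p == '\t' || *p == '\n')   /* skip separators */
            p++;
        if (*p == '\0')
            break;
        const char *start = p;
        while (*p != '\0' && *p != ' ' && *p != '\t' && *p != '\n')
            p++;
        size_t len = (size_t)(p - start);
        if (argc >= MAX_ARGS)        /* no free slot left: reject the file */
            return -1;
        if (len >= MAX_ARG_LEN)      /* token plus NUL would not fit: reject */
            return -1;
        memcpy(argv[argc], start, len);
        argv[argc][len] = '\0';
        argc++;
    }
    return argc;
}

int main(void)
{
    char argv[MAX_ARGS][MAX_ARG_LEN];
    /* Constructed sample lines: a normal saved invocation and an overlong one. */
    const char *good = "-A tcp/22 -D 192.0.2.10 -a 198.51.100.7\n";
    char evil[300];
    memset(evil, 'A', sizeof(evil) - 1);
    evil[sizeof(evil) - 1] = '\0';
    int n = load_saved_args(good, argv);
    printf("good line: %d args, first option %s\n", n, argv[0]);
    printf("overlong line: %s\n", load_saved_args(evil, argv) < 0 ? "rejected" : "accepted");
    return 0;
}
```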

Comment 1 Jan Lieskovsky 2012-09-20 10:55:01 UTC
This issue affects the versions of the fwknop package as shipped with Rawhide and Fedora release 17. Please schedule an update.

This issue did NOT affect the version of the fwknop package as shipped with Fedora release 16 (as it is still a Perl-based implementation).

Comment 2 Jan Lieskovsky 2012-09-20 10:57:51 UTC
Created fwknop tracking bugs for this issue

Affects: fedora-rawhide [bug 859006]
Affects: fedora-17 [bug 859007]
