subject:"Bug#801872\: dc3dd\: buffer overflow"

Bug#801872: dc3dd: buffer overflow

2015-11-29 Thread Eriberto Mota

Hi Henri,

I agree with you.

Regards,

Eriberto


2015-10-15 10:32 GMT-03:00 Henri Salo :
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Package: dc3dd
> Version: 7.2.641-3
> Severity: normal
> Tags: security
>
> Buffer overflow issue was announced in Bugtraq[1] with proof-of-concept:
>
> dc3dd `perl -e 'print "A" x 9'`
>
> The tool is not supposed to be executed with this kind of input so this seems 
> to
> be minor issue. Please correct me if I am wrong. I am submitting this bug so
> that we can track the issue and make changes if needed.
>
> 1: http://seclists.org/bugtraq/2015/Oct/71
>
> - --
> Henri Salo
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.12 (GNU/Linux)
>
> iQIcBAEBAgAGBQJWH6r3AAoJECet96ROqnV0QcAQAK9EtS7IsUPly2CVVz2SeIo9
> o/u88X5FAlwhS8WPe1ByWeIorO0hOzMfIY1kVZRV3bMBW79GLD1CFBZt8+/yn+0T
> rbVu4sI3hOUnr5hRo+NINO8vUIsYSNoe380qeHvysSRO0NNxC+anOVK585sH3N6z
> BuKkAuPR7VmBPjuHsTXMdy8meRSQVp45kcfPth7ROklQRLSlLKFk7qKWsVFVLjPS
> a72u758tD1ZoqtFO2GlkywXWvJlhoBoHwUDyrTJ0wXy05QeYj/RVy18thehqV0lX
> oUoSjh8fO+1vscaTMYHbKlt/fuB4mXOYuaox4QX03BJQmuEO028j/VYAqe7fvZKe
> a7XWBK0D1TEZi2vHv9adOZRbVmJAS0oznW3Tjox1Zj42vvesUPXW7yP87BJPX0UV
> r3HShG+P8iuwMUO+CSFu6Bs/qHsMxRPRicObdII9yRlNEyH+zrl0zwS9vi75FhSR
> XYru9kB6whRmuEtdQ/zfZpj0kYn6kvzeGZFy0cq7XpHNn93wfNGLE8QENM96Mi4c
> 8MFos7uu3rQyXfzRd8Ch6jb93m+YflCFhNvKXZI5qsXKwr1kKIWNdoHmU/1nczT0
> MdE9nKrHCNDFDZdGwU+KXYzXfBAmsJJt3MuwPsBtD3UkW5ijxNzy9Q3w1HT/tBoB
> neNrPLKlCJxZenZkrV9I
> =xQYd
> -END PGP SIGNATURE-
>
> ___
> forensics-devel mailing list
> forensics-devel@lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#801872: dc3dd: buffer overflow

2015-10-15 Thread Henri Salo

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Package: dc3dd
Version: 7.2.641-3
Severity: normal
Tags: security

Buffer overflow issue was announced in Bugtraq[1] with proof-of-concept:

dc3dd `perl -e 'print "A" x 9'`

The tool is not supposed to be executed with this kind of input so this seems to
be minor issue. Please correct me if I am wrong. I am submitting this bug so
that we can track the issue and make changes if needed.

1: http://seclists.org/bugtraq/2015/Oct/71

- -- 
Henri Salo
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJWH6r3AAoJECet96ROqnV0QcAQAK9EtS7IsUPly2CVVz2SeIo9
o/u88X5FAlwhS8WPe1ByWeIorO0hOzMfIY1kVZRV3bMBW79GLD1CFBZt8+/yn+0T
rbVu4sI3hOUnr5hRo+NINO8vUIsYSNoe380qeHvysSRO0NNxC+anOVK585sH3N6z
BuKkAuPR7VmBPjuHsTXMdy8meRSQVp45kcfPth7ROklQRLSlLKFk7qKWsVFVLjPS
a72u758tD1ZoqtFO2GlkywXWvJlhoBoHwUDyrTJ0wXy05QeYj/RVy18thehqV0lX
oUoSjh8fO+1vscaTMYHbKlt/fuB4mXOYuaox4QX03BJQmuEO028j/VYAqe7fvZKe
a7XWBK0D1TEZi2vHv9adOZRbVmJAS0oznW3Tjox1Zj42vvesUPXW7yP87BJPX0UV
r3HShG+P8iuwMUO+CSFu6Bs/qHsMxRPRicObdII9yRlNEyH+zrl0zwS9vi75FhSR
XYru9kB6whRmuEtdQ/zfZpj0kYn6kvzeGZFy0cq7XpHNn93wfNGLE8QENM96Mi4c
8MFos7uu3rQyXfzRd8Ch6jb93m+YflCFhNvKXZI5qsXKwr1kKIWNdoHmU/1nczT0
MdE9nKrHCNDFDZdGwU+KXYzXfBAmsJJt3MuwPsBtD3UkW5ijxNzy9Q3w1HT/tBoB
neNrPLKlCJxZenZkrV9I
=xQYd
-END PGP SIGNATURE-

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#801872: dc3dd: buffer overflow

Bug#801872: dc3dd: buffer overflow

2 matches

Site Navigation

Mail list logo

Footer information