Package: hashcash Severity: grave Tags: security Justification: user security hole
Format string vulnerability in Hashcash 1.x allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via format string specifiers in a reply address, which is not properly handled when printing the header. See http://www.gentoo.org/security/en/glsa/glsa-200503-12.xml http://secunia.com/advisories/14487 Patch is at http://bugs.gentoo.org/show_bug.cgi?id=83541 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
