null pointer dereference vulnerability in 0.1.0-0.8.13.
Posted by Igor Sysoev
All files from this thread
| File Name | File Size | Posted by | Date | ||
|---|---|---|---|---|---|
| patch.null.pointer.txt.bin | 430 bytes | open | download | Igor Sysoev | 10/26/2009 | Read message |
|
null pointer dereference vulnerability in 0.1.0-0.8.13. October 26, 2009 02:52PM | Admin Registered: 1 year ago Posts: 2,355 |
A patch to fix null pointer dereference vulnerability in 0.1.0-0.8.13.
The patch is not required for versions 0.8.15+, 0.7.62+, 0.6.39+, 0.5.38+.
--
Igor Sysoev
http://sysoev.ru/en/
The patch is not required for versions 0.8.15+, 0.7.62+, 0.6.39+, 0.5.38+.
--
Igor Sysoev
http://sysoev.ru/en/
Pior Bastida
Re: null pointer dereference vulnerability in 0.1.0-0.8.13. October 30, 2009 12:28PM |
On Monday 26 October 2009 19:46:58 Igor Sysoev wrote:
> A patch to fix null pointer dereference vulnerability in 0.1.0-0.8.13.
> The patch is not required for versions 0.8.15+, 0.7.62+, 0.6.39+, 0.5.38+.
Hello Igor,
Can you confirm that it's related to this vulnerability?
http://www.securityfocus.com/bid/36839
Thanks !
--
Pior Bastida
pior@pbastida.net
> A patch to fix null pointer dereference vulnerability in 0.1.0-0.8.13.
> The patch is not required for versions 0.8.15+, 0.7.62+, 0.6.39+, 0.5.38+.
Hello Igor,
Can you confirm that it's related to this vulnerability?
http://www.securityfocus.com/bid/36839
Thanks !
--
Pior Bastida
pior@pbastida.net
|
Re: null pointer dereference vulnerability in 0.1.0-0.8.13. October 30, 2009 12:38PM | Admin Registered: 1 year ago Posts: 2,355 |
On Fri, Oct 30, 2009 at 05:22:41PM +0100, Pior Bastida wrote:
> On Monday 26 October 2009 19:46:58 Igor Sysoev wrote:
> > A patch to fix null pointer dereference vulnerability in 0.1.0-0.8.13.
> > The patch is not required for versions 0.8.15+, 0.7.62+, 0.6.39+, 0.5.38+.
>
> Hello Igor,
>
> Can you confirm that it's related to this vulnerability?
>
> http://www.securityfocus.com/bid/36839
Yes. However, it's not a buffer overflow as stated there.
The published exploit causes always a null pointer dereference only
and you can not execute arbitrary code as stated there.
--
Igor Sysoev
http://sysoev.ru/en/
> On Monday 26 October 2009 19:46:58 Igor Sysoev wrote:
> > A patch to fix null pointer dereference vulnerability in 0.1.0-0.8.13.
> > The patch is not required for versions 0.8.15+, 0.7.62+, 0.6.39+, 0.5.38+.
>
> Hello Igor,
>
> Can you confirm that it's related to this vulnerability?
>
> http://www.securityfocus.com/bid/36839
Yes. However, it's not a buffer overflow as stated there.
The published exploit causes always a null pointer dereference only
and you can not execute arbitrary code as stated there.
--
Igor Sysoev
http://sysoev.ru/en/
Pior Bastida
Re: null pointer dereference vulnerability in 0.1.0-0.8.13. October 31, 2009 07:52AM |
On Friday 30 October 2009 17:32:48 Igor Sysoev wrote:
> On Fri, Oct 30, 2009 at 05:22:41PM +0100, Pior Bastida wrote:
> > On Monday 26 October 2009 19:46:58 Igor Sysoev wrote:
> > > A patch to fix null pointer dereference vulnerability in 0.1.0-0.8.13.
> > > The patch is not required for versions 0.8.15+, 0.7.62+, 0.6.39+,
> > > 0.5.38+.
> >
> > Hello Igor,
> >
> > Can you confirm that it's related to this vulnerability?
> >
> > http://www.securityfocus.com/bid/36839
>
> Yes. However, it's not a buffer overflow as stated there.
> The published exploit causes always a null pointer dereference only
> and you can not execute arbitrary code as stated there.
Thank you !
--
Pior Bastida
pior@pbastida.net
> On Fri, Oct 30, 2009 at 05:22:41PM +0100, Pior Bastida wrote:
> > On Monday 26 October 2009 19:46:58 Igor Sysoev wrote:
> > > A patch to fix null pointer dereference vulnerability in 0.1.0-0.8.13.
> > > The patch is not required for versions 0.8.15+, 0.7.62+, 0.6.39+,
> > > 0.5.38+.
> >
> > Hello Igor,
> >
> > Can you confirm that it's related to this vulnerability?
> >
> > http://www.securityfocus.com/bid/36839
>
> Yes. However, it's not a buffer overflow as stated there.
> The published exploit causes always a null pointer dereference only
> and you can not execute arbitrary code as stated there.
Thank you !
--
Pior Bastida
pior@pbastida.net
Sorry, only registered users may post in this forum.
Online Users
Guests:
77
Record Number of Users:
10
on August 27, 2010
Record Number of Guests:
177
on August 21, 2010
This forum is powered by Phorum.
 |  |  |  |