Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE Request: PLIB 1.8.5 ssg/ssgParser.cxx Buffer Overflow
From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 29 Oct 2012 12:12:31 -0600

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 10/29/2012 09:12 AM, Andres Gomez wrote:
Hi, Could a CVE be assigned to this issue?

Name: PLIB 1.8.5 ssg/ssgParser.cxx Buffer Overflow Software: PLIB
1.8.5 Software link: http://plib.sourceforge.net/ Vulnerability
Type: Stack Based Buffer overflow References:
http://www.exploit-db.com/exploits/21831/ 
http://www.securityfocus.com/bid/55839

Vulnerability Details: Plib is prone to stack based Buffer overflow
in the error function in ssg/ssgParser.cxx when it loads 3d model
files as X (Direct x), ASC, ASE, ATG, and OFF, if a very long error
message is passed to the function, in line 68:


// Output an error void _ssgParser::error( const char *format, ...
) { char msgbuff[ 255 ]; va_list argp;

char* msgptr = msgbuff; if (linenum) { msgptr += sprintf (
msgptr,"%s, line %d: ", path, linenum ); }

va_start( argp, format ); 68        vsprintf( msgptr, format, argp
); va_end( argp );

ulSetError ( UL_WARNING, "%s", msgbuff ) ; }

Thanks,

Andres Gomez.

-- CONFIDENTIALITY NOTICE:

This transmission is intended for the use of the individual or
entity > to  which it is addressed, and it may contain information
that is
confidential  or privileged under law. If the reader of this
message is not the intended  recipient, you are hereby notified
that retention, dissemination,  distribution or copying of this
e-mail is strictly prohibited. If you  received this e-mail in
error, please notify the sender immediately and  destroy the
original. Thank you.

Please send an email without an attempt at creating an obligation for
the receiver and I'll assign a CVE.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJQjscPAAoJEBYNRVNeJnmT0OMQAMRQJvQXblxI5w27Vu3GjAoI
h06k2wyvHvziIYxKpxnegrLugtEAE8mgEiRVi5wGUCLcZ+7MyMtAuPUddbWARwA/
j/z2uxRCKIAArNIZMvsYZh3HMyHCQYvxCK/fFwwB+7UsMZ/YOQbB8zBcKPgMwLcO
bUGvAcXmBXoRpQLJ8MFOGR56Khn2xrSL+c+xSBxPcG01MwUIIlaKsx0k8+UOGKsd
1dIgjolu6JS7o06L9xukkl7XYif/rbFwbGrWNSz6RG1Pbe+Dyg3mqcsE0yZnm6Sq
T6UkcKbuJxP/81FtscohwutRIi6mvc1z6JEVbwDYuStCJBYhu0gcPDhRetA8KaTS
gUxnse1wkCEMt6yfzLVNCGhxJ9t+fF2U8PSSCcDgvSv3GiQVgl60rSArcsG6xd1J
sQBZRaWxZWnBq8Q6SdT0XJAskXsHSoWBm459TrOqnUtGTGO6DzfjgpE2mzTyUwUB
ItPIDvEW4hDn9zHJ3TM/JyC/R2FV7EeGfShTl+On/oPOslH0X9Ag9k9jxc42c1fS
sWgQYm9uutiI5KxMyVaHbREm3SBeIj5iEmaGXH8+mrtcY/IeiThS4bVaAlXgErOz
HLlgqGBttFE1Tv7wUEPUVQJ3fW0K7itph6O99zagVGDIiI3mN4cak1hfSsMemsOO
ZB+s7FiFl3U/YGIn5X6k
=YIfs
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]