
Key: CORE-2928
Type: Bug
Status: Closed
Resolution: Fixed
Priority: Minor
Assignee: Alexander Peshkov
Reporter: Alexander Peshkov
Votes: 0
Watchers: 0

Firebird Core

Buffer overflow in gsec

Created: 17/Mar/10 09:52 AM   Updated: 28/Jul/15 07:18 PM
Component/s: GSEC
Affects Version/s: 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.1.0, 2.0.4, 2.5 Alpha 1, 2.1.1, 2.0.5, 2.1.2, 2.5 Beta 1, 2.5 Beta 2, 2.1.3, 2.5 RC1, 2.5 RC2
Fix Version/s: 2.0.6, 2.5 RC3, 2.1.4, 3.0 Alpha 1

QA Status: Cannot be tested

Description
For unknown reasons, the gsec code copies the value of the password hash to an internal user data structure during the display operation. Since Fb2.0 (when the hash became much longer than in 1.X) the buffer for the password, used for it, is not long enough. This is not a security problem, because the hash value never travels anywhere any more. This also can't cause any harm, because right after the password field there are the first, middle and last names, which are filled right after the password. This is not exploitable. But anyway we had better fix it, especially taking into account that this BOF is detected by fresh versions of glibc.
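
An added illustration of the layout issue described above (not code from the Firebird source and not the project's fix): the struct, its field sizes and the hash string are constructed assumptions. It computes how far an unbounded copy would spill past the password field into the adjacent name fields, next to a bounded copy that refuses oversized input.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical record: field names and sizes are constructed for this
 * example, not taken from the gsec source. */
struct user_rec {
    char password[16];
    char first_name[16];
    char middle_name[16];
    char last_name[16];
};

/* Bytes an unbounded strcpy() of `hash` into password[] would write past
 * the end of that field, terminator included (0 if it fits). */
size_t spill_bytes(const char *hash)
{
    size_t need = strlen(hash) + 1;
    size_t cap = sizeof(((struct user_rec *)0)->password);
    return need > cap ? need - cap : 0;
}

/* Field in which the terminating NUL of such a copy would land. */
const char *spill_reaches(const char *hash)
{
    size_t end = offsetof(struct user_rec, password) + strlen(hash);
    if (end < offsetof(struct user_rec, first_name)) return "none";
    if (end < offsetof(struct user_rec, middle_name)) return "first_name";
    if (end < offsetof(struct user_rec, last_name)) return "middle_name";
    return end < sizeof(struct user_rec) ? "last_name" : "outside struct";
}

/* Bounded copy: 0 on success; -1 with dst emptied if src does not fit. */
int copy_field(char *dst, size_t dst_size, const char *src)
{
    size_t n = strlen(src);
    if (dst_size == 0) return -1;
    if (n >= dst_size) { dst[0] = '\0'; return -1; }
    memcpy(dst, src, n + 1);
    return 0;
}

int main(void)
{
    const char *hash = "CONSTRUCTEDHASHVALUE0123"; /* constructed, 24 chars */
    struct user_rec u = {0};
    printf("spill=%zu reaches=%s\n", spill_bytes(hash), spill_reaches(hash));
    printf("bounded rc=%d\n", copy_field(u.password, sizeof u.password, hash));
    return 0;
}
```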

There are no comments yet on this issue.