[Security] mapserver DoS vuln and CGI arg passing vuln
Bug #617489 reported by
Brian Thomason
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| mapserver (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
| Jaunty |
Fix Released
|
Undecided
|
Brian Thomason | ||
| Maverick |
Invalid
|
Undecided
|
Unassigned | ||
Bug Description
The version of mapserver in Jaunty contains two vulnerabilities:
1.) Buffer overflow in the msTmpFile function in maputil.c allows local users to cause a denial of service via vectors involving names of temporary files.
2.) mapserv.c does not properly restrict the use of CGI command-line arguments that were intended for debugging, which allows remote attackers to have an unspecified impact via crafted arguments.
Related branches
| Changed in mapserver (Ubuntu): | |
| assignee: | nobody → Brian Thomason (brian-thomason) |
Revision history for this message
| Brian Thomason (brian-thomason) wrote | #1 |
Revision history for this message
| Jamie Strandboge (jdstrand) wrote | #2 |
| visibility: | private → public |
| Changed in mapserver (Ubuntu Maverick): | |
| status: | New → Invalid |
| Changed in mapserver (Ubuntu Jaunty): | |
| assignee: | nobody → Brian Thomason (brian-thomason) |
| status: | New → Fix Committed |
| Changed in mapserver (Ubuntu Maverick): | |
| assignee: | Brian Thomason (brian-thomason) → nobody |
Revision history for this message
| Launchpad Janitor (janitor) wrote | #3 |
| Changed in mapserver (Ubuntu Jaunty): | |
| status: | Fix Committed → Fix Released |
To post a comment you must log in.
Uploaded to security queue. Thanks Brian!