CVE-2007-3961 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2007-3961
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-3961

Description: Off-by-one error in the fsp_readdir_r function in fsplib.c in fsplib before 0.9 allows remote attackers to cause a denial of service via a directory entry whose length is exactly MAXNAMELEN, which prevents a terminating null byte from being added.

CVE Status: Candidate

References: SAID Secunia Advisory: SA26184 Secunia Advisory: SA26378 Secunia Advisory: SA27501 MISC http://fsp.cvs.sourceforge.net/fsp/fsplib/fsplib.c?r1=1.19&r2=1.20 MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:018 GENTOO http://security.gentoo.org/glsa/glsa-200711-01.xml CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=188252 http://fsp.cvs.sourceforge.net/fsp/fsplib/ChangeLog?revision=1.17&view=markup

Return to the previous page.