Actions
Security #5023
closed
SB
SB
smtp: GetLine function buffers data indefinitely if 0x0a was not found int the frag'd input
Security #5023:
smtp: GetLine function buffers data indefinitely if 0x0a was not found int the frag'd input
Affected Versions:
Label:
CVE:
Git IDs:
57a7cf7a0bcc9140a326c91a21e5d21fd2236f49
078c251deacc78b8abb40c5ab89d19c29e31bdf8
cf749fd450ca41dc001c2a1c10d8d17500dcedce
6e800a8548d9d2699589cac6afca3c0fa7613202
e7417a8e96fcd23fa9e3b529d7c2bbd7b3efb928
Severity:
HIGH
Disclosure Date:
Description
The code we tend to execute is
SCReturnStruct(APP_LAYER_INCOMPLETE(state->consumed, state->input_len + 1));
indefinitely.
SB Updated by Shivani Bhardwaj about 4 years ago
- Description updated (diff)
SB Updated by Shivani Bhardwaj about 4 years ago
- Copied to Security #5027: smtp: GetLine function buffers data indefinitely if 0x0a was not found int the frag'd input added
SB Updated by Shivani Bhardwaj about 4 years ago
- Copied to Security #5028: smtp: GetLine function buffers data indefinitely if 0x0a was not found in the frag'd input added
VJ Updated by Victor Julien about 4 years ago
- Tracker changed from Bug to Security
- Severity set to HIGH
SB Updated by Shivani Bhardwaj almost 4 years ago
- Status changed from Assigned to In Review
VJ Updated by Victor Julien almost 4 years ago
- Status changed from In Review to Closed
- Git IDs updated (diff)
VJ Updated by Victor Julien over 3 years ago
- Private changed from Yes to No
- Label deleted (
Needs backport to 5.0, Needs backport to 6.0)
Actions