Actions
Security #5028
closed
SB
SB
smtp: GetLine function buffers data indefinitely if 0x0a was not found in the frag'd input
Security #5028:
smtp: GetLine function buffers data indefinitely if 0x0a was not found in the frag'd input
Affected Versions:
Label:
CVE:
Git IDs:
412b77cc8c970fedc3b13bb24ad4af88eb65a631
Severity:
MODERATE
Disclosure Date:
Description
The code we tend to execute is
SCReturnStruct(APP_LAYER_INCOMPLETE(state->consumed, state->input_len + 1));
indefinitely.
SB Updated by Shivani Bhardwaj about 4 years ago
- Copied from Security #5023: smtp: GetLine function buffers data indefinitely if 0x0a was not found int the frag'd input added
SB Updated by Shivani Bhardwaj about 4 years ago
- Assignee changed from Shivani Bhardwaj to Jeff Lucovsky
The fix will have to be backported from 6.0.x and not master
JL Updated by Jeff Lucovsky about 4 years ago
- Status changed from Assigned to In Progress
SB Updated by Shivani Bhardwaj almost 4 years ago
- Status changed from In Progress to In Review
- Assignee changed from Jeff Lucovsky to Shivani Bhardwaj
VJ Updated by Victor Julien almost 4 years ago
- Status changed from In Review to Resolved
Fix staged.
VJ Updated by Victor Julien almost 4 years ago
- Tracker changed from Bug to Security
- Severity set to MODERATE
JI Updated by Jason Ish almost 4 years ago
- Status changed from Resolved to Closed
- Git IDs updated (diff)
VJ Updated by Victor Julien over 3 years ago
- Private changed from Yes to No
Actions