Echelog on AMD-64 Variadic Parameter Multiple Iteration Stack Corruption DoS

2005-10-23T06:46:16
ID OSVDB:20244
Type osvdb
Reporter Kamil Toman()
Modified 2005-10-23T06:46:16

Description

Vulnerability Description

A stack corruption issue exists in Echelog. The program contains a flaw that may allow a local attacker to cause a denial of service. The issue is due to unspecified functions doing multiple iterations over variadic parameters. The issue can occur on AMD-64 platforms (and possibly others, although untested).

Solution Description

Upgrade to version 0.6.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

A stack corruption issue exists in Echelog. The program contains a flaw that may allow a local attacker to cause a denial of service. The issue is due to unspecified functions doing multiple iterations over variadic parameters. The issue can occur on AMD-64 platforms (and possibly others, although untested).

References:

Vendor URL: http://echelog.sourceforge.net/ Vendor Specific News/Changelog Entry: https://sourceforge.net/project/shownotes.php?release_id=365508 CVE-2005-4742