Pan Author Email Address Remote DoS

2003-11-24T07:04:04
ID OSVDB:2855
Type osvdb
Reporter OSVDB
Modified 2003-11-24T07:04:04

Description

Vulnerability Description

Pan contains a flaw that may allow a malicious user to carry out a denial of service attack against anyone using the software. The flaw is due to an unspecified buffer not properly checking input that causes the software to crash when an overy long author e-mail address (500+ characters) is found.

Solution Description

Upgrade to version 0.13.4 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Pan contains a flaw that may allow a malicious user to carry out a denial of service attack against anyone using the software. The flaw is due to an unspecified buffer not properly checking input that causes the software to crash when an overy long author e-mail address (500+ characters) is found.

References:

Vendor Specific Solution URL: http://pan.rebelbase.com/download/ Secunia Advisory ID:10282 Generic Informational URL: http://bugzilla.gnome.org/show_bug.cgi?id=107025 Generic Informational URL: http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=107519 CVE-2003-0855