---------------------------------------------------------------------- Hardcore Disassembler / Reverse Engineer Wanted! Want to work with IDA and BinDiff? Want to write PoC's and Exploits? Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation compensation package. http://secunia.com/hardcore_disassembler_and_reverse_engineer/ ---------------------------------------------------------------------- TITLE: Cscope Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA21601 VERIFY ADVISORY: http://secunia.com/advisories/21601/ CRITICAL: Less critical IMPACT: DoS, System access WHERE: >From remote SOFTWARE: Cscope 15.x http://secunia.com/product/4278/ DESCRIPTION: Will Drewry has reported some vulnerabilities in Cscope, which potentially can be exploited by malicious people to compromise a vulnerable system. 1) Various boundary errors within the parsing of file lists or the expansion of environment variables can be exploited to cause stack-based buffer overflows when parsing specially crafted "cscope.lists" files or directories. 2) A boundary error within the parsing of command line arguments can be exploited to cause a stack-based buffer overflow when supplying an overly long "reffile" argument. Successful exploitation may allow execution of arbitrary code. SOLUTION: Apply patches. http://sourceforge.net/mailarchive/forum.php?thread_id=30266760&forum_id=33500 http://sourceforge.net/mailarchive/forum.php?thread_id=30266761&forum_id=33500 PROVIDED AND/OR DISCOVERED BY: Will Drewry, Google Security Team ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------