DVL included Mplayer Buffer Overflow Vulnerability (CVE-2007-2948 and SAID 24302)

A stack overflow was found and reported by Stefan Cornelius of Secunia Research in the code used to handle cddb queries. Two other similar issues were found by Reimar Döffinger while fixing the issue.

Adding vulnerabilities can be so easy… just sit and wait

Comments

• Tags

  DVL 1.5 Wargame

• Recent Posts

  • DVL 1.5 has now left planning status. Bug Fixing started!
  • DVL 1.5 has left planning status!
  • Damn Vulnerable Linux Strychnine+605 1.4 final
  • DVL Strychnine+E605 1.4 release in January 2008!
  • Damn Vulnerable Linux Strychnine+E605 - version 1.4 under construction

• Recent Comments

  • Schneider on Damn Vulnerable Linux Strychnine+605 1.4 final
  • Benjamin on Damn Vulnerable Linux Strychnine+605 1.4 final
  • rick hall on Damn Vulnerable Linux Strychnine+605 1.4 final
  • Schneider on DVL 1.5 has now left planning status. Bug Fixing started!
  • saber on DVL 1.5 has now left planning status. Bug Fixing started!

• Categories

  • DVL E605
  • DVL Project
  • DVL Strychnine
  • Reverse Code Engineering