Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

libCapsiNetwork: Denial of service — GLSA 201507-12

A buffer overflow in libcapsinetwork might allow remote attackers to cause a Denial of Service condition.

Affected packages

Package net-libs/libcapsinetwork on all architectures
Affected versions <= 0.3.0-r2
Unaffected versions

Background

libCapsiNetwork is a C++ network library to allow fast development of server daemon processes.

Description

An off-by-one buffer overflow in libcapsinetwork network handling code is discovered.

Impact

A remote attacker could send a specially crafted request to application, that is linked with libcapsinetwork, possibly resulting in a Denial of Service condition.

Workaround

There is no known workaround at this time.

Resolution

Gentoo discontinued support for libCapsiNetwork. We recommend that users unmerge it: 

 # emerge --unmerge "net-libs/libcapsinetwork"

References

Release date
July 10, 2015

Latest revision
July 11, 2015: 2

Severity
normal

Exploitable
remote

Bugzilla entries