CVE-2008-3577 (vulnerable 0.1.0 - fixed 0.6.2)

Short description: Buffer overflow in "-g" parameter handling

Official CVE-2008-3577 entry at cve.mitre.org.

Related bug reports:

  • There are no related bugs.

Related commits:

Patches: (sometimes more fuzz is needed to apply them)

Buffer overflow allowing local users to possibly execute arbitrary code via a large filename supplied to the "-g" parameter in the ttd_main function.

NOTE: it is unlikely that this issue would cross privilege boundaries in typical environments.