FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

bidwatcher -- format string vulnerability

Affected packages
bidwatcher < 1.3.17

Details

VuXML ID 74c86a29-81ef-11d9-a9e7-0001020eed82
Discovery 2005-02-18
Entry 2005-02-18

A Debian Security Advisory reports:

Ulf Härnhammer from the Debian Security Audit Project discovered a format string vulnerability in bidwatcher, a tool for watching and bidding on eBay auctions. This problem can be triggered remotely by a web server of eBay, or someone pretending to be eBay, sending certain data back.

References

Bugtraq ID 12590
CVE Name CVE-2005-0158
URL http://www.debian.org/security/2005/dsa-687