Intrusion Prevention

UMN.Gopher.Client.VifromLine.Buffer.Overflow

Description

UMN's Gopher has a stack-based buffer overflow vulnerability. A remote attacker could execute arbitrary code on the system of the victim with the privileges of the application by sending a specially-crafted "+VIEWS: " reply.

Affected Products

UMN's Gopher client version 3.0.9 and prior.

Impact

Gain Access

Recommended Actions

Currently we are not aware of any vendor-supplied patches for this issue.
http://quux.org/devel/gopher

CVE References

CVE-2005-2772