Actions
Bug #1102
closed
Resource exhaustion in sftp client
Start date:
2011-06-10
Due date:
% Done:
100%
Estimated time:
Difficulty:
Medium
Tags:
Gerrit CR:
External Bug:
Description
CVE-2010-4755 refers to a resource exhaustion vulnerability in the BSD glob library.
This code is not part of the Illumos/Solaris glob library, but is part of a private library
used by the sftp client. Note that this is not a security issue because it's only on the
client side.
It has been corrected in BSD variants by enhancing the function of the GLOB_LIMIT
flag option.
Updated by Gary Mills almost 12 years ago
I've submitted an RTI for this bug.
So far, nobody has offered to integrate it.
Updated by Rich Lowe almost 12 years ago
- Category set to cmd - userland programs
- Status changed from New to Resolved
- % Done changed from 0 to 100
- Tags deleted (
needs-triage)
Resolved in r13433 commit:1fde68f76cc6
Actions