hugo/content/about/security/advisories/cve-2004-0785-01.md@8400662befb3
hugo/content/about/security/advisories/cve-2004-0785-01.md
Fri, 28 Feb 2025 00:58:39 -0600
- author
- Gary Kramlich <grim@reaperworld.com>
- date
- Fri, 28 Feb 2025 00:58:39 -0600
- changeset 547
- 8400662befb3
- parent 394
- c83367e9b2db
- permissions
- -rw-r--r--
Add the Meshtastic plugin
I meant to add this awhile ago but somehow missed it.
Testing Done:
Ran `npm run hugo:server` and verified the plugin showed up.
Reviewed at https://reviews.imfreedom.org/r/3861/
--- title: cve-2004-0785-01 date: 2004-08-26T00:00:00.000Z cveNumber: cve-2004-0785 summary: Local hostname resolution buffer overflow discoveredBy: Sean (infamous42md) fixedInRelease: 0.82 type: security layout: cve hidden: true --- ### Description Buffer overflow. If the local computer's host name is not in /etc/hosts, and the computer performs a DNS query to obtain its hostname when signing on to zephyr, it could receive a reply with a hostname greater than `MAXHOSTNAMELEN` (generally 64 bytes). If `gethostbyname()` does not ensure the size of `hostent->h_name` is less than `MAXHOSTNAMELEN`, this value would be copied to a buffer that is not large enough. ### Mitigation The calls to copy the hostname were replaced with calls that check the length of the destination buffer.
