hugo/content/about/security/advisories/cve-2011-3184-00.md@8400662befb3
hugo/content/about/security/advisories/cve-2011-3184-00.md
Fri, 28 Feb 2025 00:58:39 -0600
- author
- Gary Kramlich <grim@reaperworld.com>
- date
- Fri, 28 Feb 2025 00:58:39 -0600
- changeset 547
- 8400662befb3
- parent 399
- 0ec2c139628a
- permissions
- -rw-r--r--
Add the Meshtastic plugin
I meant to add this awhile ago but somehow missed it.
Testing Done:
Ran `npm run hugo:server` and verified the plugin showed up.
Reviewed at https://reviews.imfreedom.org/r/3861/
--- title: cve-2011-3184-00 date: 2011-08-20T00:00:00.000Z cveNumber: cve-2011-3184 summary: Remote crash in MSN protocol plugin discoveredBy: Marius Wachtler fixedInRelease: 2.10.0 type: security layout: cve hidden: true --- ### Description Incorrect handling of HTTP 100 responses in the MSN protocol plugin can cause the application to attempt to access memory that it does not have access to. This only affects users who have turned on the HTTP connection method for their accounts (it's off by default). This might only be triggerable by a malicious server and not a malicious peer. We believe remote code execution is not possible. ### Mitigation Correctly take into account the size of HTTP 100 response when parsing server messages.
