Launchpad.net

CVE 2010-4051

The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (application crash) via a regular expression containing adjacent bounded repetitions that bypass the intended RE_DUP_MAX limitation, as demonstrated by a {10,}{10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD, related to a "RE_DUP_MAX overflow."

Related bugs and status

CVE-2010-4051 (Candidate) is related to these bugs:

Bug #343894: Regular expressions cause out of memory or SIGSEGV

Summary				In	Importance	Status
	343894	Regular expressions cause out of memory or SIGSEGV		glibc (Ubuntu)	Undecided	Confirmed

See the

CVE page on Mitre.org for more details.

References

SREASONRES: 20110107 GNU libc/regc...
FULLDISC: 20110107 GNU libc/regc...
MISC: http://cxib.net/stuff/...
MISC: https://bugzilla.redha...
CERT-VN: VU#912279
BID: 45233
SECTRACK: 1024832
SECUNIA: 42547
SREASON: 8003
EXPLOIT-DB: 15935
BUGTRAQ: 20110107 GNU libc/regc...
MLIST: [guacamole-issues] 202...