FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

grip -- CDDB response multiple matches buffer overflow vulnerability

Affected packages
grip < 3.2.0_7


VuXML ID bcf27002-94c3-11d9-a9e0-0001020eed82
Discovery 2003-11-02
Entry 2005-03-14
Modified 2005-03-18

Joseph VanAndel reports that grip is vulnerability to a buffer overflow vulnerability when receiving more than 16 CDDB responses. This could lead to a crash in grip and potentially execution arbitrary code.

A workaround is to disable CDDB lookups.


Bugtraq ID 12770
CVE Name CVE-2005-0706