CVE-2008-3577 (vulnerable 0.1.0 - fixed 0.6.2)

Short description: Buffer overflow in "-g" parameter handling

Official CVE-2008-3577 entry at

Related bug reports:

Related commits:

Patches: (sometimes more fuzz is needed to apply them)

Buffer overflow allowing local users to possibly execute arbitrary code via a large filename supplied to the ā€œ-gā€ parameter in the ttd_main function.

NOTE: it is unlikely that this issue would cross privilege boundaries in typical environments.