• info
• discussion
• exploit
• solution
• references

wv2 Remote Buffer Overflow Vulnerability

Solution:
The vendor has released a fixed version of the affected library.

Please see the referenced advisories for more information on obtaining and applying fixes.


wvWare wv2 0.2.2

• Debian libwv2-1_0.2.2-1sarge1_alpha.deb
  http://security.debian.org/pool/updates/main/w/wv2/libwv2-1_0.2.2-1sar ge1_alpha.deb


• Debian libwv2-1_0.2.2-1sarge1_alpha.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/w/wv2/libwv2-1_0.2.2-1sar ge1_alpha.deb


• Debian libwv2-1_0.2.2-1sarge1_amd64.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/w/wv2/libwv2-1_0.2.2-1sar ge1_amd64.deb


• Debian libwv2-1_0.2.2-1sarge1_arm.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/w/wv2/libwv2-1_0.2.2-1sar ge1_arm.deb


• Debian libwv2-1_0.2.2-1sarge1_hppa.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/w/wv2/libwv2-1_0.2.2-1sar ge1_hppa.deb


• Debian libwv2-1_0.2.2-1sarge1_i386.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/w/wv2/libwv2-1_0.2.2-1sar ge1_i386.deb


• Debian libwv2-1_0.2.2-1sarge1_ia64.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/w/wv2/libwv2-1_0.2.2-1sar ge1_ia64.deb


• Debian libwv2-1_0.2.2-1sarge1_m68k.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/w/wv2/libwv2-1_0.2.2-1sar ge1_m68k.deb


• Debian libwv2-1_0.2.2-1sarge1_mips.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/w/wv2/libwv2-1_0.2.2-1sar ge1_mips.deb


• Debian libwv2-1_0.2.2-1sarge1_mipsel.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/w/wv2/libwv2-1_0.2.2-1sar ge1_mipsel.deb


• Debian libwv2-1_0.2.2-1sarge1_powerpc.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/w/wv2/libwv2-1_0.2.2-1sar ge1_powerpc.deb


• Debian libwv2-1_0.2.2-1sarge1_s390.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/w/wv2/libwv2-1_0.2.2-1sar ge1_s390.deb


• Debian libwv2-1_0.2.2-1sarge1_sparc.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/w/wv2/libwv2-1_0.2.2-1sar ge1_sparc.deb


• Debian libwv2-dev_0.2.2-1sarge1_alpha.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/w/wv2/libwv2-dev_0.2.2-1s arge1_alpha.deb


• Debian libwv2-dev_0.2.2-1sarge1_amd64.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/w/wv2/libwv2-dev_0.2.2-1s arge1_amd64.deb


• Debian libwv2-dev_0.2.2-1sarge1_arm.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/w/wv2/libwv2-dev_0.2.2-1s arge1_arm.deb


• Debian libwv2-dev_0.2.2-1sarge1_hppa.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/w/wv2/libwv2-dev_0.2.2-1s arge1_hppa.deb


• Debian libwv2-dev_0.2.2-1sarge1_ia64.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/w/wv2/libwv2-dev_0.2.2-1s arge1_ia64.deb


• Debian libwv2-dev_0.2.2-1sarge1_m68k.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/w/wv2/libwv2-dev_0.2.2-1s arge1_m68k.deb


• Debian libwv2-dev_0.2.2-1sarge1_mips.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/w/wv2/libwv2-dev_0.2.2-1s arge1_mips.deb


• Debian libwv2-dev_0.2.2-1sarge1_mipsel.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/w/wv2/libwv2-dev_0.2.2-1s arge1_mipsel.deb


• Debian libwv2-dev_0.2.2-1sarge1_powerpc.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/w/wv2/libwv2-dev_0.2.2-1s arge1_powerpc.deb


• Debian libwv2-dev_0.2.2-1sarge1_s390.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/w/wv2/libwv2-dev_0.2.2-1s arge1_s390.deb


• Debian libwv2-dev_0.2.2-1sarge1_sparc.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/w/wv2/libwv2-dev_0.2.2-1s arge1_sparc.deb


• Mandriva lib64wv2_1-0.2.2-3.1.20060mdk.x86_64.rpm
  Mandriva Linux 2006.0/X86_64:
  http://wwwnew.mandriva.com/en/downloads/


• Mandriva libwv2_1-0.2.2-3.1.20060mdk.i586.rpm
  Mandriva Linux 2006.0:
  http://wwwnew.mandriva.com/en/downloads/


• Ubuntu libwv2-1_0.2.2-1ubuntu1.1_amd64.deb
  Ubuntu 5.04:
  http://security.ubuntu.com/ubuntu/pool/universe/w/wv2/libwv2-1_0.2.2-1 ubuntu1.1_amd64.deb


• Ubuntu libwv2-1_0.2.2-1ubuntu1.1_i386.deb
  Ubuntu 5.04:
  http://security.ubuntu.com/ubuntu/pool/universe/w/wv2/libwv2-1_0.2.2-1 ubuntu1.1_i386.deb


• Ubuntu libwv2-1_0.2.2-1ubuntu1.1_powerpc.deb
  Ubuntu 5.04:
  http://security.ubuntu.com/ubuntu/pool/universe/w/wv2/libwv2-1_0.2.2-1 ubuntu1.1_powerpc.deb


• Ubuntu libwv2-1c2_0.2.2-1ubuntu2.1_amd64.deb
  Ubuntu 5.10:
  http://security.ubuntu.com/ubuntu/pool/main/w/wv2/libwv2-1c2_0.2.2-1ub untu2.1_amd64.deb


• Ubuntu libwv2-1c2_0.2.2-1ubuntu2.1_i386.deb
  Ubuntu 5.10:
  http://security.ubuntu.com/ubuntu/pool/main/w/wv2/libwv2-1c2_0.2.2-1ub untu2.1_i386.deb


• Ubuntu libwv2-1c2_0.2.2-1ubuntu2.1_powerpc.deb
  Ubuntu 5.10:
  http://security.ubuntu.com/ubuntu/pool/main/w/wv2/libwv2-1c2_0.2.2-1ub untu2.1_powerpc.deb


• Ubuntu libwv2-1c2_0.2.2-5ubuntu0.1_amd64.deb
  Ubuntu 6.06 LTS:
  http://security.ubuntu.com/ubuntu/pool/main/w/wv2/libwv2-1c2_0.2.2-5ub untu0.1_amd64.deb


• Ubuntu libwv2-1c2_0.2.2-5ubuntu0.1_i386.deb
  Ubuntu 6.06 LTS:
  http://security.ubuntu.com/ubuntu/pool/main/w/wv2/libwv2-1c2_0.2.2-5ub untu0.1_i386.deb


• Ubuntu libwv2-1c2_0.2.2-5ubuntu0.1_powerpc.deb
  Ubuntu 6.06 LTS:
  http://security.ubuntu.com/ubuntu/pool/main/w/wv2/libwv2-1c2_0.2.2-5ub untu0.1_powerpc.deb


• Ubuntu libwv2-dev_0.2.2-1ubuntu1.1_amd64.deb
  Ubuntu 5.04:
  http://security.ubuntu.com/ubuntu/pool/universe/w/wv2/libwv2-dev_0.2.2 -1ubuntu1.1_amd64.deb


• Ubuntu libwv2-dev_0.2.2-1ubuntu1.1_i386.deb
  Ubuntu 5.04:
  http://security.ubuntu.com/ubuntu/pool/universe/w/wv2/libwv2-dev_0.2.2 -1ubuntu1.1_i386.deb


• Ubuntu libwv2-dev_0.2.2-1ubuntu1.1_powerpc.deb
  Ubuntu 5.04:
  http://security.ubuntu.com/ubuntu/pool/universe/w/wv2/libwv2-dev_0.2.2 -1ubuntu1.1_powerpc.deb


• Ubuntu libwv2-dev_0.2.2-1ubuntu2.1_amd64.deb
  Ubuntu 5.10:
  http://security.ubuntu.com/ubuntu/pool/main/w/wv2/libwv2-dev_0.2.2-1ub untu2.1_amd64.deb


• Ubuntu libwv2-dev_0.2.2-1ubuntu2.1_i386.deb
  Ubuntu 5.10:
  http://security.ubuntu.com/ubuntu/pool/main/w/wv2/libwv2-dev_0.2.2-1ub untu2.1_i386.deb


• Ubuntu libwv2-dev_0.2.2-1ubuntu2.1_powerpc.deb
  Ubuntu 5.10:
  http://security.ubuntu.com/ubuntu/pool/main/w/wv2/libwv2-dev_0.2.2-1ub untu2.1_powerpc.deb


• Ubuntu libwv2-dev_0.2.2-5ubuntu0.1_amd64.deb
  Ubuntu 6.06 LTS:
  http://security.ubuntu.com/ubuntu/pool/main/w/wv2/libwv2-dev_0.2.2-5ub untu0.1_amd64.deb


• Ubuntu libwv2-dev_0.2.2-5ubuntu0.1_i386.deb
  Ubuntu 6.06 LTS:
  http://security.ubuntu.com/ubuntu/pool/main/w/wv2/libwv2-dev_0.2.2-5ub untu0.1_i386.deb


• Ubuntu libwv2-dev_0.2.2-5ubuntu0.1_powerpc.deb
  Ubuntu 6.06 LTS:
  http://security.ubuntu.com/ubuntu/pool/main/w/wv2/libwv2-dev_0.2.2-5ub untu0.1_powerpc.deb


• wvWare wv2-0.2.3.tar.bz2
  http://prdownloads.sourceforge.net/wvware/wv2-0.2.3.tar.bz2?download