The Whois client is prone to a buffer overrun vulnerability when handling command-line parameters of excessive length. Although the client is not setuid/setgid, it is often invoked from external scripts, so this could present a security vulnerability where the program is invoked with untrusted input, such as via a CGI script. Note that the affected function never returns after execution, which may hinder an attacker's ability to exploit this issue to execute arbitrary code.
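The mitigation on the calling side, as an added example that is not part of the advisory or of the whois client's code: a wrapper a CGI script could use to bound and validate an untrusted query before it reaches the client's command line. The 253-character cap, the `/usr/bin/whois` path and all function names are assumptions; the advisory does not state the size of the affected buffer.

```python
import ipaddress
import re
import subprocess

# Assumption: 253 is the longest textual DNS name. It is a defensive cap,
# not the size of the affected buffer, which the advisory does not give.
MAX_QUERY_LEN = 253
_ALLOWED = re.compile(r"[A-Za-z0-9.:-]+")
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")
_ASN = re.compile(r"[Aa][Ss][0-9]{1,10}")


def validate_query(raw):
    """Return a normalised whois query or raise ValueError."""
    if not isinstance(raw, str):
        raise ValueError("query must be text")
    query = raw.strip()
    if not query or len(query) > MAX_QUERY_LEN:
        raise ValueError("query is empty or too long")
    if not _ALLOWED.fullmatch(query):
        raise ValueError("query contains unexpected characters")
    if query.startswith("-"):
        raise ValueError("query must not look like a command-line option")
    try:
        return str(ipaddress.ip_address(query))
    except ValueError:
        pass
    if _ASN.fullmatch(query):
        return query.upper()
    name = query.rstrip(".")
    labels = name.split(".")
    if len(labels) >= 2 and all(_LABEL.fullmatch(label) for label in labels):
        return name.lower()
    raise ValueError("query is not a domain name, IP address or AS number")


def build_argv(raw, whois_path="/usr/bin/whois"):
    """Argument vector for the client; whois_path is an assumed location."""
    return [whois_path, validate_query(raw)]


def run_whois(raw, timeout=10):
    """Run the client without a shell, so the query stays one bounded argument."""
    done = subprocess.run(build_argv(raw), capture_output=True, text=True,
                          timeout=timeout, check=False)
    return done.stdout
```

Validation in the wrapper limits what reaches the client but does not replace updating the client itself.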