CVE-2008-2469

EPSS 39.0%

libspf2 - buffer overflow

Published: 10/23/2008Modified: 4/28/2026

Description

Heap-based buffer overflow in the SPF_dns_resolv_lookup function in Spf_dns_resolv.c in libspf2 before 1.2.8 allows remote attackers to execute arbitrary code via a long DNS TXT record with a modified length field.

Affected packages (3)

Debian/libspf2from 0, < 1.2.9-1
Debian/libspf2from 0, < 1.2.5-4+etch1
Debian/libspf2from 0, < 1.2.5.dfsg-5+lenny1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-2469