Vulnerabilities > CVE-2010-1938 - Numeric Errors vulnerability in multiple products

CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
freebsd
nrl
CWE-189
critical
nessus
exploit available

Summary

Off-by-one error in the __opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long username, as demonstrated by a long USER command to the FreeBSD 8.0 ftpd.

Common Weakness Enumeration (CWE)

Exploit-Db

description: FreeBSD 8.0 ftpd off-by-one PoC (FreeBSD-SA-10:05). CVE-2010-1938. DoS exploit for the FreeBSD platform
file: exploits/freebsd/dos/12762.txt
id: EDB-ID:12762
last seen: 2016-02-01
modified: 2010-05-27
platform: freebsd
port:
published: 2010-05-27
reporter: Maksymilian Arciemowicz
source: https://www.exploit-db.com/download/12762/
title: FreeBSD 8.0 ftpd off-by one PoC FreeBSD-SA-10:05
type: dos

Nessus

  • NASL family: Ubuntu Local Security Checks
    NASL id: UBUNTU_USN-955-1.NASL
    description: Maksymilian Arciemowicz and Adam Zabrocki discovered that OPIE incorrectly handled long usernames. A remote attacker could exploit this with a crafted username and make applications linked against libopie crash, leading to a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 65125
    published: 2013-03-09
    reporter: Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/65125
    title: Ubuntu 9.04 / 9.10 / 10.04 LTS : opie vulnerability (USN-955-1)
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-955-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    # Registration pass: when the scanner evaluates the plugin with `description`
    # set, this block only records metadata and then calls exit(0), so none of
    # the host checks further down run in that pass.
    if (description)
    {
      script_id(65125);
      script_version("1.6");
      script_cvs_date("Date: 2019/09/19 12:54:26");
    
      # Cross-references for correlating this finding with other sources:
      # the CVE, the Bugtraq ID and the Ubuntu Security Notice number.
      script_cve_id("CVE-2010-1938");
      script_bugtraq_id(40403);
      script_xref(name:"USN", value:"955-1");
    
      script_name(english:"Ubuntu 9.04 / 9.10 / 10.04 LTS : opie vulnerability (USN-955-1)");
      script_summary(english:"Checks dpkg output for updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Ubuntu host is missing one or more security-related
    patches."
      );
      # NOTE(review): the advisory text registered here describes only a crash
      # (denial of service), while the CVSS vector registered below rates
      # complete confidentiality, integrity and availability impact. Prioritise
      # on the vector rather than on the wording of the description.
      script_set_attribute(
        attribute:"description", 
        value:
    "Maksymilian Arciemowicz and Adam Zabrocki discovered that OPIE
    incorrectly handled long usernames. A remote attacker could exploit
    this with a crafted username and make applications linked against
    libopie crash, leading to a denial of service.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/955-1/"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Update the affected libopie-dev, opie-client and / or opie-server
    packages."
      );
      # CVSSv2 base vector: network access, medium complexity, no authentication,
      # complete C/I/A impact. Temporal vector: E:POC = proof-of-concept code
      # exists, RL:OF = official fix available, RC:C = report confirmed.
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      # plugin_type "local": per the summary above the verdict comes from dpkg
      # output gathered on the host, not from probing a network service.
      script_set_attribute(attribute:"plugin_type", value:"local");
      # CPE entries: the three affected packages, then the three Ubuntu releases.
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libopie-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:opie-client");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:opie-server");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.04:-:lts");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:9.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:9.10");
    
      # The plugin was published in 2013, almost three years after the patch
      # date recorded here.
      script_set_attribute(attribute:"vuln_publication_date", value:"2010/05/28");
      script_set_attribute(attribute:"patch_publication_date", value:"2010/06/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/03/09");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      # Depends on ssh_get_info.nasl; the KB keys required below are presumably
      # populated by it from an authenticated login -- confirm.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    # Preconditions. audit() is defined in audit.inc (not shown here); it is
    # used below as an early exit, so the order of these checks presumably
    # decides which audit reason gets reported.
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    # Only the three releases named in the plugin title are evaluated; any other
    # Ubuntu release is audited out here, i.e. it gets no verdict either way.
    if (! preg(pattern:"^(9\.04|9\.10|10\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 9.04 / 9.10 / 10.04", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    # Architecture gate: only x86_64 and i386..i686 hosts continue. Other
    # architectures are audited as "local checks not implemented", which is not
    # the same as "not vulnerable".
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    # Counts how many (release, package) checks matched.
    flag = 0;
    
    # One ubuntu_check() per release and package. ubuntu_check() lives in
    # ubuntu.inc (not shown); presumably it returns true when the installed
    # package is older than pkgver, the fixed version -- confirm.
    if (ubuntu_check(osver:"9.04", pkgname:"libopie-dev", pkgver:"2.40~dfsg-0ubuntu1.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"opie-client", pkgver:"2.40~dfsg-0ubuntu1.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"opie-server", pkgver:"2.40~dfsg-0ubuntu1.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"libopie-dev", pkgver:"2.40~dfsg-0ubuntu1.9.10.1")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"opie-client", pkgver:"2.40~dfsg-0ubuntu1.9.10.1")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"opie-server", pkgver:"2.40~dfsg-0ubuntu1.9.10.1")) flag++;
    if (ubuntu_check(osver:"10.04", pkgname:"libopie-dev", pkgver:"2.40~dfsg-0ubuntu1.10.04.1")) flag++;
    if (ubuntu_check(osver:"10.04", pkgname:"opie-client", pkgver:"2.40~dfsg-0ubuntu1.10.04.1")) flag++;
    if (ubuntu_check(osver:"10.04", pkgname:"opie-server", pkgver:"2.40~dfsg-0ubuntu1.10.04.1")) flag++;
    
    # NOTE(review): the verdict rests on package versions only. Nothing here
    # shows whether a daemon that loaded the old libopie was restarted after the
    # update, or whether libpam-opie was rebuilt (that is USN-955-2's subject).
    if (flag)
    {
      # At least one package matched: report against port 0 with the text
      # collected by ubuntu_report_get().
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      # Nothing flagged: separate "packages were tested and found not affected"
      # from "none of the packages is installed".
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libopie-dev / opie-client / opie-server");
    }
    
  • NASL family: Ubuntu Local Security Checks
    NASL id: UBUNTU_USN-955-2.NASL
    description: USN-955-1 fixed vulnerabilities in OPIE. This update provides rebuilt libpam-opie packages against the updated libopie library. Maksymilian Arciemowicz and Adam Zabrocki discovered that OPIE incorrectly handled long usernames. A remote attacker could exploit this with a crafted username and make applications linked against libopie crash, leading to a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 47111
    published: 2010-06-22
    reporter: Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/47111
    title: Ubuntu 9.04 / 9.10 / 10.04 LTS : libpam-opie vulnerability (USN-955-2)
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-955-2. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    # Registration pass: with `description` set, this block only records the
    # plugin metadata and then calls exit(0); the host checks further down do
    # not run in that pass.
    if (description)
    {
      script_id(47111);
      script_version("1.9");
      script_cvs_date("Date: 2019/09/19 12:54:26");
    
      # Same CVE and Bugtraq ID as the USN-955-1 plugin; only the USN number
      # differs, so findings from both plugins refer to one underlying flaw.
      script_cve_id("CVE-2010-1938");
      script_bugtraq_id(40403);
      script_xref(name:"USN", value:"955-2");
    
      script_name(english:"Ubuntu 9.04 / 9.10 / 10.04 LTS : libpam-opie vulnerability (USN-955-2)");
      script_summary(english:"Checks dpkg output for updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Ubuntu host is missing a security-related patch."
      );
      # The text below states why a second notice exists: libpam-opie had to be
      # rebuilt against the fixed libopie, so updating the USN-955-1 packages
      # alone does not clear this finding.
      # NOTE(review): the text mentions only a crash (denial of service), while
      # the CVSS vector registered below rates complete C/I/A impact.
      script_set_attribute(
        attribute:"description", 
        value:
    "USN-955-1 fixed vulnerabilities in OPIE. This update provides rebuilt
    libpam-opie packages against the updated libopie library.
    
    Maksymilian Arciemowicz and Adam Zabrocki discovered that OPIE
    incorrectly handled long usernames. A remote attacker could exploit
    this with a crafted username and make applications linked against
    libopie crash, leading to a denial of service.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/955-2/"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected libpam-opie package."
      );
      # CVSSv2 base vector: network access, medium complexity, no authentication,
      # complete C/I/A impact. Temporal vector: E:POC = proof-of-concept code
      # exists, RL:OF = official fix available, RC:C = report confirmed.
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      # plugin_type "local": per the summary above the verdict comes from dpkg
      # output gathered on the host, not from probing a network service.
      script_set_attribute(attribute:"plugin_type", value:"local");
      # CPE entries: the affected package, then the three Ubuntu releases.
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpam-opie");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.04:-:lts");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:9.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:9.10");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2010/05/28");
      script_set_attribute(attribute:"patch_publication_date", value:"2010/06/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/06/22");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      # Depends on ssh_get_info.nasl; the KB keys required below are presumably
      # populated by it from an authenticated login -- confirm.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    # Preconditions. audit() is defined in audit.inc (not shown here); it is
    # used below as an early exit, so the order of these checks presumably
    # decides which audit reason gets reported.
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    # Only the three releases named in the plugin title are evaluated; any other
    # Ubuntu release is audited out here, i.e. it gets no verdict either way.
    if (! preg(pattern:"^(9\.04|9\.10|10\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 9.04 / 9.10 / 10.04", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    # Architecture gate: only x86_64 and i386..i686 hosts continue. Other
    # architectures are audited as "local checks not implemented", which is not
    # the same as "not vulnerable".
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    # Counts how many release checks matched.
    flag = 0;
    
    # One check per release for the rebuilt libpam-opie package; the pkgver
    # strings differ per release. ubuntu_check() lives in ubuntu.inc (not
    # shown); presumably it returns true when the installed package is older
    # than pkgver -- confirm.
    if (ubuntu_check(osver:"9.04", pkgname:"libpam-opie", pkgver:"0.21-8build1.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"libpam-opie", pkgver:"0.21-8build2.1")) flag++;
    if (ubuntu_check(osver:"10.04", pkgname:"libpam-opie", pkgver:"0.21-8build3.1")) flag++;
    
    # NOTE(review): the verdict rests on the package version only. Nothing here
    # shows whether services using the PAM module were restarted after the
    # update -- verify separately.
    if (flag)
    {
      # A vulnerable libpam-opie was found: report against port 0 with the text
      # collected by ubuntu_report_get().
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      # Nothing flagged: separate "package was tested and found not affected"
      # from "package is not installed".
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libpam-opie");
    }
    
  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DSA-2281.NASL
    description: Sebastian Krahmer discovered that opie, a system that makes it simple to use One-Time passwords in applications, is prone to a privilege escalation (CVE-2011-2490) and an off-by-one error, which can lead to the execution of arbitrary code (CVE-2011-2489). Adam Zabrocki and Maksymilian Arciemowicz also discovered another off-by-one error (CVE-2010-1938), which only affects the lenny version as the fix was already included in squeeze.
    last seen: 2020-03-17
    modified: 2011-07-22
    plugin id: 55641
    published: 2011-07-22
    reporter: This script is Copyright (C) 2011-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/55641
    title: Debian DSA-2281-1 : opie - several vulnerabilities
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-2281. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    # Registration pass: with `description` set, this block only records the
    # plugin metadata and then calls exit(0); the host checks further down do
    # not run in that pass.
    if (description)
    {
      script_id(55641);
      script_version("1.9");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      # One plugin, three CVEs: a finding from this plugin does not by itself say
      # which of the three applies to the host (see the description text below
      # for which release each one affects).
      script_cve_id("CVE-2010-1938", "CVE-2011-2489", "CVE-2011-2490");
      script_bugtraq_id(40403, 48390);
      script_xref(name:"DSA", value:"2281");
    
      script_name(english:"Debian DSA-2281-1 : opie - several vulnerabilities");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      # Per the advisory text, CVE-2010-1938 affects only the lenny package; the
      # squeeze package already contained that fix.
      script_set_attribute(
        attribute:"description", 
        value:
    "Sebastian Krahmer discovered that opie, a system that makes it simple
    to use One-Time passwords in applications, is prone to a privilege
    escalation (CVE-2011-2490 ) and an off-by-one error, which can lead to
    the execution of arbitrary code (CVE-2011-2489 ). Adam Zabrocki and
    Maksymilian Arciemowicz also discovered another off-by-one error
    (CVE-2010-1938 ), which only affects the lenny version as the fix was
    already included in squeeze."
      );
      # References: three Debian bug reports, the tracker page for each CVE,
      # the squeeze source package and the advisory itself.
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631344"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631345"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584932"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2011-2490"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2011-2489"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2010-1938"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/squeeze/opie"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2011/dsa-2281"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the opie packages.
    
    For the oldstable distribution (lenny), these problems have been fixed
    in version 2.32-10.2+lenny2.
    
    For the stable distribution (squeeze), these problems have been fixed
    in version 2.32.dfsg.1-0.2+squeeze1"
      );
      # A single CVSSv2 vector is registered for the whole plugin although it
      # covers three CVEs: network access, medium complexity, no authentication,
      # complete C/I/A impact. Temporal: E:POC = proof-of-concept code exists,
      # RL:OF = official fix available, RC:C = report confirmed.
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      # plugin_type "local": per the summary above the verdict comes from dpkg
      # output gathered on the host, not from probing a network service.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:opie");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:5.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");
    
      # Only patch and plugin publication dates are registered; this plugin sets
      # no vuln_publication_date.
      script_set_attribute(attribute:"patch_publication_date", value:"2011/07/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/07/22");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      # Depends on ssh_get_info.nasl; the KB keys required below are presumably
      # populated by it from an authenticated login -- confirm.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    # Preconditions. audit() is defined in audit.inc (not shown here); it is
    # used below as an early exit. Unlike the Ubuntu plugins for this CVE, no
    # CPU architecture gate is applied here.
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    # Counts how many package checks matched.
    flag = 0;
    # Release 5.0 (lenny) is checked with the single prefix "opie"; release 6.0
    # (squeeze) is checked per package. deb_check() lives in debian_package.inc
    # (not shown); presumably it returns true when an installed package matching
    # the prefix is older than `reference` -- confirm.
    # Per this plugin's description attribute, CVE-2010-1938 is relevant only to
    # the 5.0 check; a 6.0 match concerns the two 2011 CVEs.
    if (deb_check(release:"5.0", prefix:"opie", reference:"2.32-10.2+lenny2")) flag++;
    if (deb_check(release:"6.0", prefix:"libopie-dev", reference:"2.32.dfsg.1-0.2+squeeze1")) flag++;
    if (deb_check(release:"6.0", prefix:"opie-client", reference:"2.32.dfsg.1-0.2+squeeze1")) flag++;
    if (deb_check(release:"6.0", prefix:"opie-server", reference:"2.32.dfsg.1-0.2+squeeze1")) flag++;
    
    # NOTE(review): the verdict rests on package versions only; whether daemons
    # using libopie were restarted after the upgrade must be verified separately.
    if (flag)
    {
      # Package details from deb_report_get() are attached only when
      # report_verbosity is above 0; otherwise a bare finding on port 0 is raised.
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    # Nothing flagged: the host is audited as not affected.
    else audit(AUDIT_HOST_NOT, "affected");
    

Packetstorm

data source: https://packetstormsecurity.com/files/download/90012/fbsd80ftpd-poc.txt
id: PACKETSTORM:90012
last seen: 2016-12-05
published: 2010-05-28
reporter: Adam Zabrocki
source: https://packetstormsecurity.com/files/90012/FreeBSD-8.0-ftpd-Off-By-One-Proof-Of-Concept.html
title: FreeBSD 8.0 ftpd Off-By-One Proof Of Concept

Seebug

  • bulletinFamily: exploit
    description:
    BUGTRAQ ID: 40403
    CVE ID: CVE-2010-1938

    FreeBSD就是一种运行在Intel平台上、可以自由使用的开放源码Unix类系统。

    FreeBSD所使用的OPIE认证系统中readrec.c文件的__opiereadrec()函数存在单字节栈溢出漏洞,在启用了栈保护的情况下,攻击者可以远程导致使用OPIE的服务进程崩溃。以下是有漏洞的代码段:

    "/src/contrib/opie/opie.h"

        /* Maximum length of a principal (read: user name) */
        #define OPIE_PRINCIPAL_MAX 32

    "./src/contrib/opie/libopie/readrec.c"

        int __opiereadrec FUNCTION((opie), struct opie *opie)
        {
        ...
        ...
          {
            char *c, principal[OPIE_PRINCIPAL_MAX];
            int i;

            if (c = strchr(opie->opie_principal, ':'))
              *c = 0;
    [1]     if (strlen(opie->opie_principal) > OPIE_PRINCIPAL_MAX)
    [2]       (opie->opie_principal)[OPIE_PRINCIPAL_MAX] = 0;
    [3]     strcpy(principal, opie->opie_principal);
        ...
        ...
          }
        ...
        ...
        ret:
          if (f)
            fclose(f);
          return rval;
        }

    [1]处函数检查受控变量opie->opie_principal的长度。如果长度大于OPIE_PRINCIPAL_MAX(32字节),程序就会在这个位置写入空字节。实际上字符串确实为32字节长。

    漏洞出现在[3]。strcpy()将最多可为32字节的受控变量拷贝到了也为32字节长的principal缓冲区中,但由于strcpy()在拷贝了32字节后还要向字符串末尾添加一个空字节,因此可以触发单字节溢出。越界发生在*(principal+32)位置。

    FreeBSD 8.0
    FreeBSD 7.3
    FreeBSD 7.2
    FreeBSD 7.1
    FreeBSD 6.4

    厂商补丁:

    FreeBSD
    -------
    FreeBSD已经为此发布了一个安全公告(FreeBSD-SA-10:05)以及相应补丁:
    FreeBSD-SA-10:05:OPIE off-by-one stack overflow
    链接:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-10:05.opie.asc

    补丁下载:

    执行以下步骤之一;

    1) 将有漏洞的系统升级到6-STABLE、7-STABLE或8-STABLE,或修改日期之后的RELENG_8_0、RELENG_7_3或RELENG_7_2、RELENG_7_1、RELENG_6_4安全版本。

    2) 如果要通过源码路径升级有漏洞的系统:

    以下补丁确认可应用于FreeBSD 6.4、7.1、7.2、7.3和8.0系统。

    a) 从以下位置下载相关补丁,并使用PGP工具验证附带的PGP签名。

        # fetch http://security.FreeBSD.org/patches/SA-10-05/opie.patch
        # fetch http://security.FreeBSD.org/patches/SA-10-05/opie.patch.asc

    b) 以root执行以下命令:

        # cd /usr/src
        # patch < /path/to/patch
        # cd /usr/src/lib/libopie
        # make obj && make depend && make && make install

    3) 如果要通过二进制补丁升级有漏洞的系统:

        # freebsd-update fetch
        # freebsd-update install

    id: SSV:19715
    last seen: 2017-11-19
    modified: 2010-05-31
    published: 2010-05-31
    reporter: Root
    source: https://www.seebug.org/vuldb/ssvid-19715
    title: FreeBSD OPIE实现__opiereadrec()函数单字节栈溢出漏洞
  • bulletinFamily: exploit
    description: No description provided by source.
    id: SSV:19699
    last seen: 2017-11-19
    modified: 2010-05-28
    published: 2010-05-28
    reporter: Root
    source: https://www.seebug.org/vuldb/ssvid-19699
    title: FreeBSD 8.0 ftpd off-by one PoC (FreeBSD-SA-10:05)