CVE-2012-4436

Name of the Vulnerable Software and Affected Versions fwknop versions prior to 2.0.3

Description The issue is related to a buffer overflow in the run last args function, which can occur when processing the --last option with many .fwknop.run arguments. This might allow local users to cause a denial of service, resulting in a client crash, and potentially execute arbitrary code.

Recommendations For versions prior to 2.0.3, update to version 2.0.3 or later to resolve the issue. As a temporary workaround, consider restricting the use of the --last option and limiting the number of .fwknop.run arguments to minimize the risk of exploitation.