Chicken before 4.8.0 does not properly handle NUL bytes in certain strings, which allows an attacker to conduct "poisoned NUL byte attack."Referenceshttps://security-tracker.debian.org/tracker/CVE-2012-6123https://access.redhat.com/security/cve/cve-2012-6123http://www.openwall.com/lists/oss-security/2013/02/08/2
