-----BEGIN PGP SIGNED MESSAGE----- Sorry to follow up on my own post -- seems the PGP software, MUA, and MIME attachments don't get along well. Here's the attached email message I was referring to in my last post... - -----Forwarded Message-------- Date: Wed, 17 Jun 1998 13:06:26 From: "xxxxxxxxxxxxxxxxx" <xxxxxxxxxxxxxxxxxat_private> Subject: SS # xxxxxxx Jun O4 1998 Trial binary fix for bugs. Bug Id: 4078445 Synopsis: ufsdump buffer overrun can coredump or be exploited for root access Bug Id: 4132365 Release summary: 2.6 Synopsis: Security vulnerability on ufsdump and restore in 2.6 and 2.6 x86 fixes core dump for /usr/lib/fs/ufs/ufsdump 1 `perl -e 'print "a" x 2000'` /usr/lib/fs/ufs/ufsrestore xf `perl -e 'print "a" x 2000'` Trial binary available for testing and binary relief. has fixes only for exploits mentioned in bug reports. Product developement is currently working on more complete fix. If fix goes on schedule, It will be about three weeks (end of June 1998) before a complete 5.6 fix is available for testing. - -rwxrwxrwx 1 xxxxx staff 927 Jun 4 14:56 README - -rwxr-xr-x 1 xxxxx staff 195560 Jun 4 13:47 ufsdump - -rwxr-xr-x 1 xxxxx staff 1022356 May 5 07:53 ufsrestore % sum u* 51160 382 ufsdump 62088 1997 ufsrestore -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia Charset: cp850 iQCVAgUBNYhmquNY3xV+5qZBAQEoFQP/XypGTq0d+NDn6ciixW6MHEab4TY8a6Hi tbzL0xdVPv49HPVXsCBW4I0PvP8NX5aZuqU+LmbmZ1VIf9h3VeplmM6DvihBU133 niJip7+JNheR+q8BmVlQSv6huB8AT1/fCdeiFJXeeFoGzVlmu23MMNi4+sq5VWZ9 J51H4JNcrX4= =Gf5u -----END PGP SIGNATURE----- -- Eugene Bradley -- Just Another Random Solaris administrator eugene.bradleyat_private (Personal ONLY!) -- PGP key ID Ox7EE6A641 PGP key available by sending me mail with "GET KEY" in the Subject: line homepage is @ http://www.geocities.com/SiliconValley/Haven/9323/
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:58:31 PDT