Re: More Overflows...

From: Aaron Bornstein (aaronbat_private)
Date: Fri Sep 04 1998 - 11:14:15 PDT

Next message: Wichert Akkerman: "Re: nslookup issues"

Previous message: MJE: "FW: Microsoft Security Bulletin (MS98-013)"
Maybe in reply to: HD Moore: "More Overflows..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 4 Sep 1998, Marc Heuse wrote:

> Hi,
>
> > smbclient        version:  1.9.18p3    Overflow occurs after 8505 characters
> > compress         version:  4.2.4       Overflow at 1100 characters
> > elvis            version:  2.0         Lots of fun quirks over 1000-100000;
> >                                        maybe an exploit symlinking with tmp's
> > lha              version:  1.02            Overflow at  >19211
>
> none of these applications is s[ug]id, so these overflows can not be
> exploited to gain privilige.
>

        "...A bug is a bug.  Even if it is not a hole, it should be hunted
down and squashed, because one or more bugs can combine to become one or
more holes..."
                                        -- Theo DeRaadt


--
Aaron Bornstein                             http://mojo.calyx.net/~aaronb/
aaronmb at mit dot edu                             aaronb at calyx dot net

Next message: Wichert Akkerman: "Re: nslookup issues"
Previous message: MJE: "FW: Microsoft Security Bulletin (MS98-013)"
Maybe in reply to: HD Moore: "More Overflows..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:14:58 PDT