Re: buffer overflow in dbadmin

From: duke (dukeat_private)
Date: Thu Oct 08 1998 - 20:02:53 PDT

Next message: Mnemonix: "DoS attack in MS - Proxy 2.0"

Previous message: Weld Pond: "Lotus Domino application vulnerability"
Maybe in reply to: NACS Security Administrator: "buffer overflow in dbadmin"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>

hi,

> dbadmin.c:    strcpy(op_temp,curField->name);
> dbadmin.c:      strcat(rec_new,curField->name);

both op_temp and rec_new are malloc()'d so they are safe enough. dbadmin
still looks exploitable however from:

    strcat(qbuf,thetable);

qbuf is not malloc'd but is a global variable.

-- Mark

Next message: Mnemonix: "DoS attack in MS - Proxy 2.0"
Previous message: Weld Pond: "Lotus Domino application vulnerability"
Maybe in reply to: NACS Security Administrator: "buffer overflow in dbadmin"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:19:08 PDT