Re: catdoc-0.90 buffer overruns

From: Kragen (kragenat_private)
Date: Thu Nov 12 1998 - 14:42:07 PST

Next message: Roman Drahtmueller: "Re: world-readable shadow backups in SuSe 5.2"

Previous message: Marc Heuse: "Re: Xinetd /tmp race?"
Maybe in reply to: Duncan Simpson: "catdoc-0.90 buffer overruns"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This is not just a security problem if catdoc is run with "privileges
users don't have" --- it's a security problem if you accept any
documents from the outside world and then try to read them with catdoc,
without first checking them to see if they have buffer-overflow
attempts in them.

Since, presumably, the usual reason one runs catdoc is that one person
created a document with Microsoft products and another person, without
Microsoft products available, tries to read that document, this is
essentially a constant security hole.

Kragen

--
<kragenat_private>       Kragen Sitaker     <http://www.pobox.com/~kragen/>
Irony and sarcasm deflate seriousness, and when your seriousness becomes detum-
escent, you're not held responsible for your thoughts. Irony beats thinking like
rock beats scissors. -- http://www.hyperorg.com/backissues/joho-june2-98.html

Next message: Roman Drahtmueller: "Re: world-readable shadow backups in SuSe 5.2"
Previous message: Marc Heuse: "Re: Xinetd /tmp race?"
Maybe in reply to: Duncan Simpson: "catdoc-0.90 buffer overruns"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:23:07 PDT