Re: [HERT] Advisory #002 Buffer overflow in lsof

From: der Mouse (mouseat_private)
Date: Fri Feb 19 1999 - 23:13:14 PST

Next message: Ash: "Regarding passwords in registry keys."

Previous message: Matt Hargett: "Re: Inherent weaknesses in NT system policies"
Maybe in reply to: Anthony C . Zboralski: "[HERT] Advisory #002 Buffer overflow in lsof"
Next in thread: M.C.Mar: "Re: [HERT] Advisory #002 Buffer overflow in lsof"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> on linux /dev/kmem is +w for gid kmem, on bsd too (probably, I didn't
> checked that),

On what grounds do you think this is probable?  Certainly the modern
BSDs don't have this particular bug (someone already said FreeBSD
didn't, and I can say with fair assurance NetBSD doesn't - certainly
*my* NetBSD boxes don't, and I'm sure I didn't touch that particular
setting.  Given its genesis, OpenBSD probably not only is safe now but
has been as long as it's existed.)

I *think* this may even have been fixed back in the 4.3 days, but I
can't recall for sure; that was too long ago.

					der Mouse

			       mouseat_private
		     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

Next message: Ash: "Regarding passwords in registry keys."
Previous message: Matt Hargett: "Re: Inherent weaknesses in NT system policies"
Maybe in reply to: Anthony C . Zboralski: "[HERT] Advisory #002 Buffer overflow in lsof"
Next in thread: M.C.Mar: "Re: [HERT] Advisory #002 Buffer overflow in lsof"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:36:22 PDT