As you all know, we have recently seen two /usr/sbin/snoop overflows. Posted by both ISS and w00w00. Sun has released patches for the ISS vulnerability, what I am wondering is, does this also solve the w00w00 problem. For referance the patches in question are: Solaris 7 sparc 108482-01 Solaris 7 x86 108483-01 Solaris 5.6 sparc 108492-01 Solaris 5.6 x86 108493-01 Solaris 5.5 sparc 108501-01 Solaris 5.5 x86 108502-01 Solaris 5.4 sparc 108490-01 Solaris 5.4 x86 108491-01 Solaris 5.3 sparc 108489-01 The vulnerabilties in question are: ISS /usr/sbin/snoop: http://www.securityfocus.com/bid/864 w00w00 /usr/sbin/snoop overflow: http://www.securityfocus.com/bid/858 Alfred Huger VP of Engineering SecurityFocus.com
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:19:28 PDT