Re: remote buffer overflow in sniffit

From: Brad (bradat_private)
Date: Tue Jan 22 2002 - 09:52:11 PST

Next message: ACD Incorporated Support: "(Repost) CwpApi : GetRelativePath() returns invalid paths (security advisory)"

Previous message: Edwin Groothuis: "Re: remote buffer overflow in sniffit"
In reply to: Edwin Groothuis: "Re: remote buffer overflow in sniffit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>Date: Tue, 22 Jan 2002 16:33:00 +1100
>From: Edwin Groothuis <edwinat_private>
>To: g_463at_private
>Cc: bugtraqat_private
>Subject: Re: remote buffer overflow in sniffit

[snip]

>  * Non maintainer upload.
>  * [security] sn_logfile.c: Replaced sprintfs by snprintfs fixing a buffer
>    overflow (bugtraq).
>  * [security] sn_analyse.c: Limit length of TCP packets to the buffer
>    size (buffer overflow with MTU > 5000).
>
> -- Torsten Landschoff <torstenat_private>  Fri, 26 May 2000 08:40:14 +0200
>
>I assume Debian patches this, the FreeBSD port also applies these patches.
>
>Edwin

The OpenBSD port applies this patch too.

revision 1.9
date: 2000/08/30 23:50:29;  author: brad;  state: Exp;  lines: +13 -15
upgrade to sniffit 0.3.7beta + Debian patches

// Brad

bradat_private
bradat_private

Next message: ACD Incorporated Support: "(Repost) CwpApi : GetRelativePath() returns invalid paths (security advisory)"
Previous message: Edwin Groothuis: "Re: remote buffer overflow in sniffit"
In reply to: Edwin Groothuis: "Re: remote buffer overflow in sniffit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jan 22 2002 - 10:17:14 PST