OpenSSH 2.2.0 - 3.1.0 server contains a locally exploitable buffer overflow

From: Marcell Fodor (m.fodorat_private)
Date: Fri Apr 19 2002 - 15:42:51 PDT

    effect:
    	local root
    
     vulnerable services:
    
    	-pass Kerberos IV TGT
    	-pass AFS Token 
    
    bug details:
    
    	radix.c
    	GETSTRING macro in radix_to_creds function may cause buffer overflow.
    	affected buffers:
    	
    	    creds->service
    	    creds->instance
    	    creds->realm
    	    creds->pinst
    
    exploit code here: mantra.freeweb.hu
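
The bug class reported above is a string copied out of decoded input into fixed-size credential fields with no length check. The following bounded version is an added example, not code from the original post or from OpenSSH. The struct `demo_creds`, the `FIELD_MAX` size, the helper names and the four-strings-in-a-row layout are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define FIELD_MAX 40  /* assumed field size for this sketch */

struct demo_creds {   /* hypothetical stand-in, not the Kerberos IV struct */
    char service[FIELD_MAX], instance[FIELD_MAX], realm[FIELD_MAX], pinst[FIELD_MAX];
};

/* Copy one NUL-terminated string from src (srclen bytes left) into dst
 * (dstlen bytes). Returns bytes consumed including the NUL, 0 on error. */
static size_t get_string(const unsigned char *src, size_t srclen,
                         char *dst, size_t dstlen)
{
    const unsigned char *nul = memchr(src, 0, srclen);
    size_t n;
    if (nul == NULL)
        return 0;   /* no terminator inside the input: would over-read */
    n = (size_t)(nul - src);
    if (n >= dstlen)
        return 0;   /* too long for the destination: would overflow */
    memcpy(dst, src, n + 1);
    return n + 1;
}

/* Parse four consecutive strings; returns 1 on success, 0 on malformed input. */
int parse_creds(const unsigned char *buf, size_t len, struct demo_creds *c)
{
    char *fields[4] = { c->service, c->instance, c->realm, c->pinst };
    size_t off = 0, used;
    int i;

    memset(c, 0, sizeof(*c));
    for (i = 0; i < 4; i++) {
        used = get_string(buf + off, len - off, fields[i], FIELD_MAX);
        if (used == 0)
            return 0;   /* reject the whole message on the first bad field */
        off += used;
    }
    return 1;
}

int main(void)
{
    const unsigned char good[] = "rcmd\0host\0EXAMPLE.ORG\0root"; /* constructed */
    struct demo_creds c;
    printf("%d %s\n", parse_creds(good, sizeof(good), &c), c.realm);
    return 0;
}
```

Both checks matter: the source bound stops reads past the decoded input, and the destination bound stops writes past the credential field.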
    


