ah, yes and so are /usr/bin/compress, /usr/bin/uncompress and /bin/zcat and /bin/gunzip vulnerable to simple buffer overflows. (Compress version: (N)compress 4.2.4, compiled: Mon Feb 7 16:15:44 EST 2000) (zcat 1.2.4 (18 Aug 93)) this is on redhat 6.2 uncompress and compress are called by wuftpd (maybe other ftpd's too) to compress and uncompress files on the fly I quickly looked into it a few months ago, i am not sure, but i believe maximum input you can give is 1024 bytes in wuftpd, thus not enough to overflow the buffers of either of those programs (more detailed info: http://bse.die.ms/~itchie/stuff/advisories/advbse01.txt) On Sun, 18 Nov 2001, vuln-dev wrote: > GOBBLES security is happy to announce the discovery of multiple bugs in > /bin/gzip, which can be exploited remotely with a bit of creativity. > Attached is our advisory on the matter. > > Enjoy the knowledge and remember to use it responsible. > > The GOBBLES Team > www.bugtraq.org > -- - The Itch http://bse.die.ms
This archive was generated by hypermail 2b30 : Mon Nov 19 2001 - 13:18:38 PST