Re: buffer overflow on whois (redhat linux 7.0/7.1 on i686)

• Previous message: Blue Boar: "Re: Black Hat Windows Security Keynotes announced"
• In reply to: ladd harris: "Re: buffer overflow on whois (redhat linux 7.0/7.1 on i686)"
• Next in thread: Blake Frantz: "Re: buffer overflow on whois (redhat linux 7.0/7.1 on i686)"
• Reply: Blake Frantz: "Re: buffer overflow on whois (redhat linux 7.0/7.1 on i686)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 2002-01-31 at 08:37, ladd harris wrote:
> Testing the whois -p i also get a core dump on red 
> hat 7.1....tried two machines both seem effected.  
> whether it can be exploited i do not still need to do 
> more tests......

but what are you going to exploit? i found this bug a while ago, but
never reported it because 

	1) the (newer) whois-1.0.9-1 rpm fixed the problem, and 
	2) whois isn't setuid. and never needs to be

so at most, you're talking about executing code as yourself, which you
can do without a buffer overflow.

-jon

-- 
jonat_private || www.divisionbyzero.com
gpg key: www.divisionbyzero.com/pubkey.asc
think i have a virus?: www.divisionbyzero.com/pgp.html
"You are in a twisty little maze of Sendmail rules, all confusing." 

• application/pgp-signature attachment: This is a digitally signed message part

• Next message: Blake Frantz: "Re: buffer overflow on whois (redhat linux 7.0/7.1 on i686)"
• Previous message: Blue Boar: "Re: Black Hat Windows Security Keynotes announced"
• In reply to: ladd harris: "Re: buffer overflow on whois (redhat linux 7.0/7.1 on i686)"
• Next in thread: Blake Frantz: "Re: buffer overflow on whois (redhat linux 7.0/7.1 on i686)"
• Reply: Blake Frantz: "Re: buffer overflow on whois (redhat linux 7.0/7.1 on i686)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Jan 31 2002 - 16:32:24 PST