[1455] in linux-security and linux-alert archive
[linux-security] Re: NLSPATH Stack Overwrite
daemon@ATHENA.MIT.EDU (Hackboy--Defender of all things Di)
Wed Feb 19 13:56:10 1997
Date: Wed, 19 Feb 1997 02:05:16 -0600 (CST)
From: Hackboy--Defender of all things Digital <bkreed@squashduck.com>
To: linux-security@redhat.com
In-Reply-To: <Pine.BSI.3.91.970214190746.5864A-100000@escape.com>
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com
On Fri, 14 Feb 1997, Dave G. wrote:
> Here are my preliminary tests:
>
> 5.2.18 is vulnerable (stock Redhat 3.0.3)
> 5.3.12 does not appear vulnerable (stock Redhat 4.0, I think)
>
The 5.3.12-8 package is vunerable (ran the prog and got a root prompt) but
the 5.3.12-17 package that's in the upgrades dir for 4.0 is not.
---
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
And sanity is really just a one trick pony, bkreed@acm.org
anyway. I mean, all you get is one trick, bkreed@cs.twsu.edu
RATIONAL THINKING! But when you're good bkreed@squashduck.com
and crazy, the sky's the limit!" http://www.squashduck.com
- The TICK Bryan K. Reed
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~