[508] in linux-security and linux-alert archive
Re: Avalon Release
daemon@ATHENA.MIT.EDU (Baba Z Buehler)
Fri Dec 8 13:40:18 1995
Reply-to: Baba Z Buehler <baba@beckman.uiuc.edu>
From: Baba Z Buehler <baba@beckman.uiuc.edu>
To: root <root@crimson.cadvision.com>
cc: Jeff Uphoff <juphoff@tarsier.cv.nrao.edu>, linux-alert@tarsier.cv.nrao.edu,
linux-security@tarsier.cv.nrao.edu, bugtraq@crimelab.com,
big-linux@netspace.org
In-reply-to: Your message of "Sun, 03 Dec 1995 22:52:37 MST."
<Pine.LNX.3.91.951203225127.524A-100000@crimson.cadvision.com>
Date: Thu, 07 Dec 1995 10:49:51 -0600
root <root@crimson.cadvision.com> writes:
> Affected Program: splitvt(1)
>
> Affected Operating Systems: Linux 2-3.X
>
> Exploitation Result: Local users can obtain superuser privelages.
>
> Bug Synopsis: A stack overflow exists via user defined unbounds checked
> user supplied data sent to a sprintf().
>
There is no Linux 2-3.X. It would be much more helpfull if you would list
versions of the kernel, libc and program that were used to exploit the hole.
If you're going to list version numbers on Linux distributions, at least name
the distribution you're getting the number from.
Thanks,
--
# Baba Z Buehler - 'Hackito Ergo Sum'
# Beckman Institute Systems Services, Urbana Illinois
#
# I'm still learning to count backwards from infinity.
#
# PGP public key on WWW homepage and key servers (key id: C13D8EE1)
# WWW: http://www.beckman.uiuc.edu/~baba/
