[714] in linux-security and linux-alert archive
Re: [linux-security] Bounds checking problem, apparently with libc >5.0.0 <5.3.9
daemon@ATHENA.MIT.EDU (lilo)
Thu May 9 17:46:28 1996
From: lilo <TaRDiS@mail.utexas.edu>
Date: Thu, 9 May 1996 12:35:17 -0500 (CDT)
To: Linux Security List <linux-security@tarsier.cv.nrao.edu>
cc: Michael J Loftis <mjl@juno.com>
In-Reply-To: <19960509.073111.7406.1.mjl@juno.com>

Michael,

My apologies for excerpting a bit of your private message, but this seems to
be a potential point of confusion, so I wanted to address it on channel.
Not implying you were confused, just that it's a good opportunity to address
the point. So, my current understanding follows.

I'm going to quit posting on this topic; it looks as if everyone's on track
and unless something changes I won't have much more to contribute. :)

On Thu, 9 May 1996, Michael J Loftis wrote:
> I had found that bug early on and tried to report it but to no
> avail. I ended up patching it myself instead of waiting for a new
> release. I think I'll look at 5.3.12 and see if it still has the bug.

There are apparently two bugs here:

(1) This exploit was designed to let hackers acquire shell access to
    systems of users running earlier (possibly modified/scripted) ircII
    clients. That leak has (apparently) been plugged by recent client
    code.

(2) The exploit has been recycled to demonstrate a problem with libc
    >5.0.0 and < about 5.3.9. Libc 5.3.12 appears to plug that leak.

lilo