[917] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] Re: identd hole?

daemon@ATHENA.MIT.EDU (Dave G.)
Wed Jul 17 11:09:14 1996

From: "Dave G." <daveg@escape.com>
To: bugtraq@netspace.org
Date: Tue, 16 Jul 1996 10:15:49 -0400 (EDT)
Cc: linux-security@tarsier.cv.nrao.edu, blh@nol.net

As far as I know, there is no buffer overflow in atoi() under linux.  
This rumor was started when there was a problem in some IRC clients.  At 
the time I took a look at atoi() and strtol().  Not only were there no 
buffer overflows, there were no buffers at all :).  

I haven't seen any evidence that he was actually hacked via ident.  
Actually his description hasnt even explicitly stated that the intruder 
got in. 

[Mod: In a subsequent post to Bugtraq, Brett stated: "After several
hours of checking logs and other material I've come to the realization
that the hack used to attack one of my machines was indeed the
sendmail/identd hack referenced some time ago."  Exactly what log
entries, etc., led him to this conclusion is unknown to me at this time.
--Jeff.]

Brett: You said you caught hime with a login process.  Did the ps say 
'login blah etc...' or 'bash' or 'sh' or 'tcsh'.  Since you havent had a 
chance to check  it, you dont know whether he just managed to launch 
denial of service attacks on it.  


home help back first fref pref prev next nref lref last post