[14671] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: freebsd libncurses overflow

daemon@ATHENA.MIT.EDU (Matt Conover)
Wed Apr 26 01:52:10 2000

Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id:  <Pine.BSF.4.05.10004241546190.40471-100000@mail.bos.bindview.com>
Date:         Mon, 24 Apr 2000 15:49:38 -0400
Reply-To: Matt Conover <mconover@BOS.BINDVIEW.COM>
From: Matt Conover <mconover@BOS.BINDVIEW.COM>
X-To:         venglin@freebsd.lublin.pl
To: BUGTRAQ@SECURITYFOCUS.COM

This has been discovered before (or at least a similar vulnerability) by
w00w00, but there wasn't anything useful (as far as elevating privileges
go) that was using it at the time.  So, unless you can name any suid/sgid
programs using it that will allow the elevation of privileges for
something meaningful, I think the severity is low.

Matt


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[14671] in bugtraq

Re: freebsd libncurses overflow

daemon@ATHENA.MIT.EDU (Matt Conover)Wed Apr 26 01:52:10 2000

daemon@ATHENA.MIT.EDU (Matt Conover)
Wed Apr 26 01:52:10 2000