[22142] in bugtraq
Re: ISS Security Advisory: Multiple Buffer Overflow Vulnerabilities in Raytheon SilentRunner
daemon@ATHENA.MIT.EDU (Jack Hayes)
Mon Aug 6 19:23:06 2001
Message-ID: <000d01c11ecb$c7ffa9a0$0201a8c0@jimbob>
From: "Jack Hayes" <jackhayes@cablespeed.com>
To: "ISS XForce" <xforce@iss.net>, <bugtraq@securityfocus.com>
Date: Mon, 6 Aug 2001 19:01:46 -0400
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Just FYI ...
The buffer overflow conditions in the application layer protocol parsing
rountines described in the ISS advisory also exist in version 1.6.1 of
Silent Runner. Myself and a colleague reported these vulnerabilities to
Raytheon in March of this year. We did not take a look at the knowledge
browser so I'm not sure if this overflow exists in1.6.1 or not.
Unfortunately, I know longer have access to the software to find out.
-Jack
