[22872] in bugtraq
Re: [ ** Snes9x buffer overflow vulnerability ** ]
daemon@ATHENA.MIT.EDU (Alistair Crooks)
Tue Oct 16 16:34:16 2001
Date: Tue, 16 Oct 2001 22:26:31 +0200
From: Alistair Crooks <agc@pkgsrc.org>
To: Scott Dier <dieman@ringworld.org>
Cc: Niels Heinen <zilli0n@gmx.net>, bugtraq@securityfocus.com,
vulnwatch@vulnwatch.org
Message-ID: <20011016222631.Q19426@smaug.fh-regensburg.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20011016110305.C21884@ringworld.org>; from dieman@ringworld.org on Tue, Oct 16, 2001 at 11:03:05AM -0500
On Tue, Oct 16, 2001 at 11:03:05AM -0500, Scott Dier wrote:
> * Niels Heinen <zilli0n@gmx.net> [011016 10:55]:
> > Affected version: v1.37 prior versions might also be affected.
> > Tested platforms: FreeBSD, NetBSD, OpenBSD and Linux.
The NetBSD Packages Collection does not install the binaries setuid
root either, and, according to the cvs logs, never has done.
1.1 (wiz 09-Nov-00): do-install:
1.1 (wiz 09-Nov-00): ${INSTALL_PROGRAM} ${WRKSRC}/snes9x ${PREFIX}/bin
1.1 (wiz 09-Nov-00): ${INSTALL_PROGRAM} ${WRKSRC}/offsets ${PREFIX}/bin
% ls -al /usr/pkg/bin/{snes9x,offsets}
-r-xr-xr-x 1 root wheel 47284 Oct 16 19:47 /usr/pkg/bin/offsets
-r-xr-xr-x 1 root wheel 1745244 Oct 16 19:47 /usr/pkg/bin/snes9x
%
Regards,
Alistair
