[23934] in bugtraq
Re: remote buffer overflow in sniffit
daemon@ATHENA.MIT.EDU (Brad)
Tue Jan 22 13:49:45 2002
Date: Tue, 22 Jan 2002 12:52:11 -0500 (EST)
From: Brad <brad@comstyle.com>
To: bugtraq@securityfocus.com
In-Reply-To: <20020122163300.A889@k7.mavetju.org>
Message-ID: <Pine.BSO.4.44.0201221244070.14564-100000@ss5.comstyle.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
>Date: Tue, 22 Jan 2002 16:33:00 +1100
>From: Edwin Groothuis <edwin@mavetju.org>
>To: g_463@hotmail.com
>Cc: bugtraq@securityfocus.com
>Subject: Re: remote buffer overflow in sniffit
[snip]
> * Non maintainer upload.
> * [security] sn_logfile.c: Replaced sprintfs by snprintfs fixing a buffer
> overflow (bugtraq).
> * [security] sn_analyse.c: Limit length of TCP packets to the buffer
> size (buffer overflow with MTU > 5000).
>
> -- Torsten Landschoff <torsten@debian.org> Fri, 26 May 2000 08:40:14 +0200
>
>I assume Debian patches this, the FreeBSD port also applies these patches.
>
>Edwin
The OpenBSD port applies this patch too.
revision 1.9
date: 2000/08/30 23:50:29; author: brad; state: Exp; lines: +13 -15
upgrade to sniffit 0.3.7beta + Debian patches
// Brad
brad@comstyle.com
brad@openbsd.org
