[25282] in bugtraq
Re: ecartis / listar PoC
daemon@ATHENA.MIT.EDU (John Madden)
Fri Apr 26 16:23:03 2002
Content-Type: text/plain;
charset="iso-8859-1"
From: John Madden <weez@freelists.org>
To: KF <dotslash@snosoft.com>, vuln-dev@securityfocus.com,
bugtraq@securityfocus.com
Date: Fri, 26 Apr 2002 08:14:38 -0500
In-Reply-To: <3CC76231.6040106@snosoft.com>
MIME-Version: 1.0
Message-Id: <0204260814384G.28233@weez>
Content-Transfer-Encoding: 8bit
On Wednesday 24 April 2002 08:56 pm, KF wrote:
> Heres some code for this post a while back ...
> http://online.securityfocus.com/archive/82/258763
> This is NOT the same issue in the my_strings.c there are MULTIPLE issues
> in ecartis still and the same goes for listar...
> This issue is a strcpy from argv to a fixed buffer .... nothing special.
Please see Ecartis' mailing list archives regarding these issues. They're
aware of the problems and are working to resolve them.
How about, instead of just telling us about there being multiple issues
and posting an exploit, you post a patch to help fix the issues?
Thanks,
John
--
# John Madden weez@freelists.org ICQ: 2EB9EA
# FreeLists, Free mailing lists for all: http://www.freelists.org
# UNIX Systems Engineer, Ivy Tech State College: http://www.ivytech.edu
# Linux, Apache, Perl and C: All the best things in life are free!
