[25283] in bugtraq
Re: ecartis / listar PoC
daemon@ATHENA.MIT.EDU (KF)
Fri Apr 26 16:43:13 2002
Message-ID: <3CC95068.3030401@snosoft.com>
Date: Fri, 26 Apr 2002 09:04:40 -0400
From: KF <dotslash@snosoft.com>
MIME-Version: 1.0
To: John Madden <weez@freelists.org>
Cc: vuln-dev@securityfocus.com, bugtraq@securityfocus.com
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
The thing is this is the least of their worries... and as you said the
author IS working dilligently to fix the issues at hand. As for the
patch ... knock your self out heres the errant code.
[root@ghetto ecartis-1.0.0]# grep -n pathname"\[" src/core.c
80:char pathname[BIG_BUF];
[root@ghetto ecartis-1.0.0]# grep -n "sprintf(pathname" src/core.c
891: sprintf(pathname, "%s", argv[0]);
-KF
John Madden wrote:
>On Wednesday 24 April 2002 08:56 pm, KF wrote:
>
>>Heres some code for this post a while back ...
>>http://online.securityfocus.com/archive/82/258763
>>This is NOT the same issue in the my_strings.c there are MULTIPLE issues
>>in ecartis still and the same goes for listar...
>>This issue is a strcpy from argv to a fixed buffer .... nothing special.
>>
>
>Please see Ecartis' mailing list archives regarding these issues. They're
>aware of the problems and are working to resolve them.
>
>How about, instead of just telling us about there being multiple issues
>and posting an exploit, you post a patch to help fix the issues?
>
>Thanks,
> John
>
>
>
>
>
>
>
>
