[3929] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[linux-security] write(1) leak

daemon@ATHENA.MIT.EDU (David Holland)
Mon Jan 20 01:25:57 1997

X-Resent-From: linux-security@redhat.com
Date: 	Sun, 19 Jan 1997 12:10:00 -0600
Reply-To: linux-security@redhat.com
From: David Holland <dholland@eecs.harvard.edu>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>

Some versions (the util-linux version, but not the netwrite or netkit
versions) of /usr/bin/write have a buffer overrun problem that is
almost certainly exploitable. Note that this gives access to the tty
group, but not (directly) root.

The fix is to change the two sprintfs to snprintfs. Patches have been
mailed to the maintainer.

--
   - David A. Holland             |    VINO project home page:
     dholland@eecs.harvard.edu    | http://www.eecs.harvard.edu/vino


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[3929] in bugtraq

[linux-security] write(1) leak

daemon@ATHENA.MIT.EDU (David Holland)Mon Jan 20 01:25:57 1997

daemon@ATHENA.MIT.EDU (David Holland)
Mon Jan 20 01:25:57 1997