[3996] in bugtraq
Re: Critical Security Problem in 4.4BSD crt0
daemon@ATHENA.MIT.EDU (Charles M. Hannum)
Mon Feb 3 23:24:32 1997
Date: Mon, 3 Feb 1997 13:11:36 -0500
Reply-To: "Charles M. Hannum" <mycroft@GNU.AI.MIT.EDU>
From: "Charles M. Hannum" <mycroft@GNU.AI.MIT.EDU>
X-To: tqbf@enteract.com
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: "Thomas H. Ptacek"'s message of Sun, 2 Feb 1997 23:54:54 -0600 (CST)
"Thomas H. Ptacek" <tqbf@enteract.com> writes:
>
> The issue is that FreeBSD 2.1.5's crt0.c start() routine, which calls the
> "main()" entry point function in the program that is starting, will under
> some circumstances call routines that set the "locale" of the program. The
> routines that do this are heavily dependent on environment variables,
> which are in some circumstances copied directly into local character
> buffers on the stack of the locale routines.
I'd like to point out that, despite the subject line, this hole has
nothing to do with 4.4BSD; it is specific to FreeBSD, and does *not*
affect other 4.4BSD-derived systems.