[7884] in bugtraq
Re: More Overflows...
daemon@ATHENA.MIT.EDU (Aaron Bornstein)
Fri Sep 4 15:09:25 1998
Date: Fri, 4 Sep 1998 14:14:15 -0400
Reply-To: Aaron Bornstein <aaronb@MOJO.CALYX.NET>
From: Aaron Bornstein <aaronb@MOJO.CALYX.NET>
X-To: Marc Heuse <marc@SUSE.DE>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <199809040742.JAA29654@Galois.suse.de>
On Fri, 4 Sep 1998, Marc Heuse wrote:
> Hi,
>
> > smbclient version: 1.9.18p3 Overflow occurs after 8505 characters
> > compress version: 4.2.4 Overflow at 1100 characters
> > elvis version: 2.0 Lots of fun quirks over 1000-100000;
> > maybe an exploit symlinking with tmp's
> > lha version: 1.02 Overflow at >19211
>
> none of these applications is s[ug]id, so these overflows can not be
> exploited to gain privilige.
>
"...A bug is a bug. Even if it is not a hole, it should be hunted
down and squashed, because one or more bugs can combine to become one or
more holes..."
-- Theo DeRaadt
--
Aaron Bornstein http://mojo.calyx.net/~aaronb/
aaronmb at mit dot edu aaronb at calyx dot net
