[8537] in bugtraq

home help back first fref pref prev next nref lref last post

Re: catdoc-0.90 buffer overruns

daemon@ATHENA.MIT.EDU (Kragen)
Fri Nov 13 15:23:42 1998

Date: 	Thu, 12 Nov 1998 17:42:07 -0500
Reply-To: Kragen <kragen@POBOX.COM>
From: Kragen <kragen@POBOX.COM>
X-To:         Duncan Simpson <dps@IO.STARGATE.CO.UK>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <199811110137.BAA29597@io.stargate.co.uk>

This is not just a security problem if catdoc is run with "privileges
users don't have" --- it's a security problem if you accept any
documents from the outside world and then try to read them with catdoc,
without first checking them to see if they have buffer-overflow
attempts in them.

Since, presumably, the usual reason one runs catdoc is that one person
created a document with Microsoft products and another person, without
Microsoft products available, tries to read that document, this is
essentially a constant security hole.

Kragen

--
<kragen@pobox.com>       Kragen Sitaker     <http://www.pobox.com/~kragen/>
Irony and sarcasm deflate seriousness, and when your seriousness becomes detum-
escent, you're not held responsible for your thoughts. Irony beats thinking like
rock beats scissors. -- http://www.hyperorg.com/backissues/joho-june2-98.html

home help back first fref pref prev next nref lref last post