[8951] in bugtraq
Re: [SECURITY] New versions of netstd fixes buffer overflows
daemon@ATHENA.MIT.EDU (Chip Salzenberg)
Tue Jan 5 13:36:53 1999
Date: Mon, 4 Jan 1999 21:00:03 -0500
Reply-To: Chip Salzenberg <chip@PERLSUPPORT.COM>
From: Chip Salzenberg <chip@PERLSUPPORT.COM>
X-To: security@debian.org
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <"9_QyCB.A.RyB.g__j2"@murphy>; from
debian-security-announce@LISTS.DEBIAN.ORG on Sun, Jan 03,
1999 at 08:31:10PM -0800
According to debian-security-announce@LISTS.DEBIAN.ORG:
> We have received reports that the netstd suffered from two buffer
> overflows. The first problem is an exploitable buffer overflow in the
> bootp server. The second problem is an overflow in the FTP client. Both
> problems are fixed in a new netstd package, version 3.07-2hamm.4 .
What about the version in potato, 3.07-7? Is it vulnerable, too?
--
Chip Salzenberg - a.k.a. - <chip@perlsupport.com>
"When do you work?" "Whenever I'm not busy."