[8951] in bugtraq

home help back first fref pref prev next nref lref last post

Re: [SECURITY] New versions of netstd fixes buffer overflows

daemon@ATHENA.MIT.EDU (Chip Salzenberg)
Tue Jan 5 13:36:53 1999

Date: 	Mon, 4 Jan 1999 21:00:03 -0500
Reply-To: Chip Salzenberg <chip@PERLSUPPORT.COM>
From: Chip Salzenberg <chip@PERLSUPPORT.COM>
X-To:         security@debian.org
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <"9_QyCB.A.RyB.g__j2"@murphy>; from
              debian-security-announce@LISTS.DEBIAN.ORG on Sun, Jan 03,
              1999 at 08:31:10PM -0800

According to debian-security-announce@LISTS.DEBIAN.ORG:
> We have received reports that the netstd suffered from two buffer
> overflows. The first problem is an exploitable buffer overflow in the
> bootp server. The second problem is an overflow in the FTP client. Both
> problems are fixed in a new netstd package, version 3.07-2hamm.4 .

What about the version in potato, 3.07-7?  Is it vulnerable, too?
--
Chip Salzenberg      - a.k.a. -      <chip@perlsupport.com>
      "When do you work?"   "Whenever I'm not busy."

home help back first fref pref prev next nref lref last post