[8978] in bugtraq
Re: Tripwire mess..
daemon@ATHENA.MIT.EDU (Austin Schutz)
Thu Jan 7 16:25:11 1999
Date: Wed, 6 Jan 1999 18:41:50 -0800
Reply-To: Austin Schutz <tex@SHRUBBERY.NET>
From: Austin Schutz <tex@SHRUBBERY.NET>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.LNX.4.05.9901041626190.15582-100000@gizmo.kyrnet.kg>; from
CyberPsychotic on Mon, Jan 04, 1999 at 05:10:16PM +0500
>Chuck Campbell (campbell@neosoft.com) pointed me out that tripwire dies with
>coredump on R.H. linux, if it hits a filename containing 128-255 characters.
I reported this to the author maybe a year and a half ago(?). I
was evidently not the first as the author already knew about the problem.
I would recommend against using security tools that are not properly
maintained. It's probably worth looking at the release date of a package
before using it and reconsidering if it hasn't been touched within the
last 6 months or year. There are probably other bugs lurking that the
author hasn't bothered to fix.
Austin