[8978] in bugtraq

home help back first fref pref prev next nref lref last post

Re: Tripwire mess..

daemon@ATHENA.MIT.EDU (Austin Schutz)
Thu Jan 7 16:25:11 1999

Date: 	Wed, 6 Jan 1999 18:41:50 -0800
Reply-To: Austin Schutz <tex@SHRUBBERY.NET>
From: Austin Schutz <tex@SHRUBBERY.NET>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <Pine.LNX.4.05.9901041626190.15582-100000@gizmo.kyrnet.kg>; from
              CyberPsychotic on Mon, Jan 04, 1999 at 05:10:16PM +0500

>Chuck Campbell (campbell@neosoft.com) pointed me out that tripwire dies with
>coredump on R.H. linux, if it hits a filename containing 128-255 characters.

        I reported this to the author maybe a year and a half ago(?). I
was evidently not the first as the author already knew about the problem.
        I would recommend against using security tools that are not properly
maintained. It's probably worth looking at the release date of a package
before using it and reconsidering if it hasn't been touched within the
last 6 months or year. There are probably other bugs lurking that the
author hasn't bothered to fix.

        Austin

home help back first fref pref prev next nref lref last post