[17292] in bugtraq
wrong facts about curl exploit
daemon@ATHENA.MIT.EDU (Daniel Stenberg)
Mon Oct 23 12:19:02 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.GSO.4.21.0010221030110.4398-100000@pm1.contactor.se>
Date: Sun, 22 Oct 2000 10:32:54 +0200
Reply-To: Daniel Stenberg <daniel@HAXX.SE>
From: Daniel Stenberg <daniel@HAXX.SE>
To: BUGTRAQ@SECURITYFOCUS.COM

Hi

I am the main author of curl, the tool that appeared in the Remote Buffer
Overflow Vulnerability reported on October 13th at

http://www.securityfocus.com/bid/1804

... the information and discussion are accurate, to the point and describe
the problem (even if somewhat unspecific). However, what is bothering me:

The described exploit is *entirely* wrong!

The described exploit is a) not a remote buffer overflow b) not at all
present in all those versions listed in the advisory. c) hardly an exploit
since it just crashes older versions of the application.

There's a "buffer overflow" example posted in the curl bug report system that
would make a far better (and correct) example of how to crash curl using the
posted flaw.

I'd be happy to answer any questions regarding this matter, and I would
like to see that section of the advisory corrected.

Thanks for an utterly important and useful service!
--
Daniel Stenberg -- curl project maintainer -- http://curl.haxx.se/