[18581] in bugtraq
Re: [reiserfs-list] major security bug in reiserfs (may affect
daemon@ATHENA.MIT.EDU (Marc Lehmann)
Fri Jan 12 14:39:20 2001
Mail-Followup-To: bugtraq@jedi.claranet.fr, BUGTRAQ@SECURITYFOCUS.COM
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Message-ID: <20010111035536.B373@cerebro.laendle>
Date: Thu, 11 Jan 2001 03:55:36 +0100
Reply-To: Marc Lehmann <pcg@GOOF.COM>
From: Marc Lehmann <pcg@GOOF.COM>
X-To: bugtraq@jedi.claranet.fr
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <20010110111528.87E51DB7F@mail.fr.clara.net>; from
bugtraq@jedi.claranet.fr on Wed, Jan 10, 2001 at 11:15:28AM +0000
On Wed, Jan 10, 2001 at 11:15:28AM +0000, bugtraq@jedi.claranet.fr wrote:
> ReiserFS 3.6.24 (kernel 2.4.0ac4) doesn't seem vulnerable to this attack.
> No segfault, no kernel oops and proper operations.
A few users who have tested this on 2.4 did indeed not reproduce this problem
but got a number of log messages when creating directories with long names
that indicate bugs in the data structures.
Quite a efw people now have found ways to create directories that do not
show up in ls or find output (without any errors), but this might be a
weird bug in ls and find.
(Anyway, the precise discussion can be found on the reiserfs list)
--
-----==- |
----==-- _ |
---==---(_)__ __ ____ __ Marc Lehmann +--
--==---/ / _ \/ // /\ \/ / pcg@opengroup.org |e|
-=====/_/_//_/\_,_/ /_/\_\ XX11-RIPE --+
The choice of a GNU generation |
|
