Bugtraq mailing list archives
Re: buffer overflow in msgchk
From: aleph1 () NATIONWIDE NET (Aleph One)
Date: Fri, 15 May 1998 11:34:08 -0500
On Wed, 13 May 1998, Erwin J. van Eijk wrote:
This vulnerability is not present when using mh-6.8.4-6 in RH 5. msgchk ends with msgchk: argument AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAA (2000 times) too long
This vulnerability has already been discussed here back in January. The message by Cesar Tascon Alvarez <tascon () enete gui uva es> that sparked the discussion is available at http://www.netspace.org/cgi-bin/wa?A2=ind9801C&L=bugtraq&D=&H=&T=&O=&F=&P=3374 mh-6.8.4-6 is not the version shipped with RedHat 5.0. Thats the fixed version available in their errata page at http://www.redhat.com/support/docs/rhl/rh50-errata-general.html#mh
Grtz EJ
Aleph One / aleph1 () dfw net http://underground.org/ KeyID 1024/948FD6B5 Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01
Current thread:
- buffer overflow in msgchk Jorge Hurtado Rojo (May 12)
- Re: buffer overflow in msgchk Erwin J. van Eijk (May 13)
- Re: buffer overflow in msgchk Aleph One (May 15)
- John the Ripper v1.5 Solar Designer (May 14)
- Protocol Aleph One (May 15)
- Re: buffer overflow in msgchk Erwin J. van Eijk (May 13)