Bugtraq mailing list archives

Re: Buffer overflows in Minicom 1.80.1

From: gonzo () RRNET COM (Patrick J. Volkerding)
Date: Wed, 2 Sep 1998 11:26:12 -0500


On Wed, 2 Sep 1998, M.C.Mar wrote:

In Slackware 3.5 distribution minicom is setuid root and
is STILL VULNERABLE, but not easily. ;)


Not any more.  It's been updated to minicom_1.81.1, and is no longer
setuid root.  In fact, these problems were fixed a good 12 hours before
the above message was posted.

The updated package is available here:

ftp://ftp.cdrom.com/pub/linux/slackware-3.5/a6/minicom.tgz

Fixes are also online for other reported problems with the NFS daemons and
routed.  See ftp://ftp.cdrom.com/pub/linux/slackware-3.5/ChangeLog.txt for
more details.

---
Patrick J. Volkerding
Slackware Linux Project

Current thread:

Re: Buffer overflows in Minicom 1.80.1 M.C.Mar (Aug 31)
- <Possible follow-ups>
- Re: Buffer overflows in Minicom 1.80.1 M.C.Mar (Sep 02)
  - Re: Buffer overflows in Minicom 1.80.1 Patrick J. Volkerding (Sep 02)
    - Re: Buffer overflows in Minicom 1.80.1 Patrick J. Volkerding (Sep 02)