Bugtraq mailing list archives

Re: More Overflows...


From: aaronb () MOJO CALYX NET (Aaron Bornstein)
Date: Fri, 4 Sep 1998 14:14:15 -0400


On Fri, 4 Sep 1998, Marc Heuse wrote:

Hi,

smbclient        version:  1.9.18p3    Overflow occurs after 8505 characters
compress         version:  4.2.4       Overflow at 1100 characters
elvis            version:  2.0         Lots of fun quirks over 1000-100000;
                                       maybe an exploit symlinking with tmp's
lha              version:  1.02        Overflow at >19211

none of these applications is s[ug]id, so these overflows can not be
exploited to gain privilege.


        "...A bug is a bug.  Even if it is not a hole, it should be hunted
down and squashed, because one or more bugs can combine to become one or
more holes..."
                                        -- Theo de Raadt


--
Aaron Bornstein                             http://mojo.calyx.net/~aaronb/
aaronmb at mit dot edu                             aaronb at calyx dot net


