Bugtraq mailing list archives

Re: Internet Auditing Project


From: hjp () WSR AC AT (Peter J. Holzer)
Date: Tue, 17 Aug 1999 14:26:33 +0200


On 1999-08-16 09:51:58 +0800, David Luyer wrote:
> The tool mentioned in this has a couple of show-stopper bugs

Yes, there is also a buffer overflow in job.c (See attached patch). I
wonder how they could run this program for a month. Maybe they posted a
bug-ridden version to make it a little bit more difficult for the script
kiddies?

        hp

--
   _  | Peter J. Holzer             | Nobody should ever have to be
|_|_) | Sysadmin WSR / Obmann LUGA  | ashamed if they have a secret love
| |   | hjp () wsr ac at               | for writing computer programs that
__/   | http://wsrx.wsr.ac.at/~hjp/ | actually work.  -- Donald E. Knuth


diff -u orig/bass-1.0.7/job.c bass-1.0.7/job.c
--- orig/bass-1.0.7/job.c       Sun Aug  8 21:43:51 1999
+++ bass-1.0.7/job.c    Sun Aug 15 16:51:59 1999
@@ -48,7 +48,7 @@
   jobcontrol->alloc += slots + 64;
   jobcontrol->pids = (int *) xrealloc(jobcontrol->pids,
                                      jobcontrol->alloc * sizeof(int));
-  for(i = jobcontrol->alloc-slots-64; i<jobcontrol->alloc+slots+64; i++)
+  for(i = jobcontrol->alloc-slots-64; i<jobcontrol->alloc; i++)
    jobcontrol->pids[i] = JOB_FREE_SLOT;
  }
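
Review bot: the start index `jobcontrol->alloc-slots-64` in the corrected `for` loop still has to mirror the `alloc += slots + 64` increment two lines above by hand, which is the same kind of duplicated arithmetic that produced the removed bound `jobcontrol->alloc+slots+64` (writing `slots + 64` ints past the end of the reallocated `pids` array). Suggest saving the old value of `jobcontrol->alloc` in a local before the increment and looping from that local to `jobcontrol->alloc`, so the initialised range cannot drift from the allocation size. Separately, the size passed to `xrealloc`, `jobcontrol->alloc * sizeof(int)`, has no visible overflow check in this hunk; if `slots` can be influenced by input, it is worth bounding it before the multiplication.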





