Bugtraq mailing list archives
Re: snmpd log files long names problems
From: Tony Lambiris <methodic () libpcap net>
Date: Fri, 3 Aug 2001 00:36:34 -0400
Yup.. definately your standard buffer overflow.. On line 306 of snmpd.c, they have: char logfile[SNMP_MAXBUF_SMALL]; They define SNMP_MAXBUF_SMALL in tools.h as a 512k buffer. And last but not least, on line 321 of snmpd.c: strcpy(logfile, LOGFILE); --- more below On 08.02.01, SECURITY <security () eds com ar> wrote:
recently i was using the new rats release and looking the snmpd.c from ucd-snmp-4.2.1 y look this problem: when i launch snmpd with the arg´s " -l AAAAAAAA....[455 char´s]" i have a core dump... it´s look like a little problem in the code when take the -l argument and strcpy to logfile, small buffer = core dump. I tried it on a i386 with a linux 7.1 but it´s independent from the SO. It´s problem come with ucd-snmp packet
I think you mean redhat 7.1 :) Are any of these components installed suid/sgid on redhat??
Current thread:
- ANNOUNCE: RATS 1.1 (beta) rats (Aug 01)
- snmpd log files long names problems SECURITY (Aug 02)
- Re: snmpd log files long names problems Tony Lambiris (Aug 03)
- Re: snmpd log files long names problems Larry W. Cashdollar (Aug 03)
- Re: snmpd log files long names problems Tony Lambiris (Aug 03)
- snmpd log files long names problems SECURITY (Aug 02)