oss-sec mailing list archives
pam_cifscreds stack overflow
From: Sebastian Krahmer <krahmer () suse de>
Date: Wed, 9 Apr 2014 15:12:30 +0200
Hi We are tracking a patch at: https://bugzilla.novell.com/show_bug.cgi?id=870168 which fixes a overflow in the cifskey.c (taken from Linux CIFS VFS) as used in pam_cifscreds. I did not check upstream length checking during their packet processing but I doubt the same fixed max length's also apply ad-hoc to pam processing of user and password. Sebastian -- ~ perl self.pl ~ $_='print"\$_=\47$_\47;eval"';eval ~ krahmer () suse de - SuSE Security Team
Current thread:
- pam_cifscreds stack overflow Sebastian Krahmer (Apr 09)
- Re: pam_cifscreds stack overflow cve-assign (Apr 10)
- Re: Re: pam_cifscreds stack overflow Kurt Seifried (Apr 10)
- Re: pam_cifscreds stack overflow cve-assign (Apr 10)
- Re: pam_cifscreds stack overflow Sebastian Krahmer (Apr 13)
- Re: pam_cifscreds stack overflow cve-assign (Apr 10)