Vulnerability Development mailing list archives
Re: efax
From: "s1gnal_9 " <s1gnal_9 () sunos com>
Date: Thu, 17 Jan 2002 13:10:15 +0800
More info about the overflow... Straight from efax src. <--snip---> #define EFAX_PATH_MAX 1024 <--/snip---> <--snip---> char *p , buf [ EFAX_PATH_MAX ] = "" ; <--/snip---> <--snip---> sprintf ( buf , "%.*sTMP..%05d" , dirlen , fname , (int) pid ) ; <--/snip---> the sprinf above causes the overflow.. -- _______________________________________________ Get your free email from http://sunos.com Powered by Instant Portal
Current thread:
- efax H D Moore (Jan 15)
- <Possible follow-ups>
- Re: efax H D Moore (Jan 16)
- Re: efax s1gnal_9 (Jan 16)
- Re: efax - Exploitation info KF (Jan 17)