Bugtraq mailing list archives
Re: libresolv+ bug
From: coxa () cableol net (Alan Cox)
Date: Mon, 19 Aug 1996 09:16:04 +0100
In response to the libresolv+ hole ... I'm sure there's a better/more encompassing/cleaner method of fixing it, but here's my patch for ping (I have the Netkit-B-0.07A source for ping (linux)... It just switches the effective uid to nobody (default 65534) around a certain gethostbyname ... This fixed the problem as far as I can tell on my system...
This is not a fix for any of the libresolv++ holes. Firstly you can use the TRIM list to overrun the trim buffer non setuid, but make the non setuid code executed patch other parts of the binary so that when it goes back setuid -- BLAM. Has anyone checked if the BSD libc's are also not checking for an overrun of the domain trimming buffer ?
Current thread:
- Re: libresolv+ bug, (continued)
- Re: libresolv+ bug Jon Lewis (Aug 18)
- Re: libresolv+ bug Alan Cox (Aug 19)
- libresolv Xarthon (Aug 18)
- Re: libresolv Xarthon (Aug 18)
- Re: libresolv+ bug Nelson Murilo (Aug 18)
- Re: libresolv+ bug Brian Mitchell (Aug 18)
- Re: libresolv+ bug Casper Dik (Aug 19)
- Re: libresolv+ bug Alan Cox (Aug 19)
- Re: libresolv+ bug Brian Mitchell (Aug 19)
- Re: libresolv+ bug David Holland (Aug 19)
- Re: libresolv+ bug Alan Cox (Aug 19)
- Re: libresolv+ bug Steve Czetty (Aug 19)
- real time decode of tcpdump output Michael Ryan (Aug 19)
- WU.FTPD vulnerability: gnu tar possibly others Alan Cox (Aug 19)
- Re: WU.FTPD vulnerability: gnu tar possibly others Pedro Melo (Aug 19)
- Re: WU.FTPD vulnerability: gnu tar possibly others Christian Limpach (Aug 19)
- SECURITY FIX/UPDATE: anonftp Elliot Lee (Aug 19)
- Re: Possible bufferoverflow condition in lpr, xterm and xload Igor Chudov @ home (Aug 18)
- Re: Possible bufferoverflow condition in lpr, xterm and xload Evil Pete (Aug 18)
- CERT Advisory CA-96.18 - Vulnerability in fm_fls CERT Advisory (Aug 14)
- Re: Possible bufferoverflow condition in lpr, xterm and xload Ficus Kirkpatrick (Aug 13)