Bugtraq mailing list archives
Re: identd hole?
From: daveg () escape com (Dave G.)
Date: Tue, 16 Jul 1996 10:15:49 -0400
As far as I know, there is no buffer overflow in atoi() under linux. This rumor was started when there was a problem in some IRC clients. At the time I took a look at atoi() and strtol(). Not only were there no buffer overflows, there were no buffers at all :). I haven't seen any evidence that he was actually hacked via ident. Actually his description hasnt even explicitly stated that the intruder got in. Brett: You said you caught hime with a login process. Did the ps say 'login blah etc...' or 'bash' or 'sh' or 'tcsh'. Since you havent had a chance to check it, you dont know whether he just managed to launch denial of service attacks on it.
Current thread:
- Re: identd hole? Bugtraq Archiver (Jul 15)
- Re: identd hole? Henri Karrenbeld (Jul 16)
- <Possible follow-ups>
- Re: identd hole? Jeff Uphoff (Jul 16)
- Re: identd hole? Dave G. (Jul 16)
- Re: [linux-security] Re: identd hole? lilo (Jul 18)
- Re: identd hole? der Mouse (Jul 16)
- Re: identd hole? Jacob Langseth (Jul 16)