Bugtraq mailing list archives

Re: identd hole?

From: daveg () escape com (Dave G.)
Date: Tue, 16 Jul 1996 10:15:49 -0400


As far as I know, there is no buffer overflow in atoi() under linux.
This rumor was started when there was a problem in some IRC clients.  At
the time I took a look at atoi() and strtol().  Not only were there no
buffer overflows, there were no buffers at all :).

I haven't seen any evidence that he was actually hacked via ident.
Actually his description hasnt even explicitly stated that the intruder
got in.

Brett: You said you caught hime with a login process.  Did the ps say
'login blah etc...' or 'bash' or 'sh' or 'tcsh'.  Since you havent had a
chance to check  it, you dont know whether he just managed to launch
denial of service attacks on it.

Current thread:

Re: identd hole? Bugtraq Archiver (Jul 15)
- Re: identd hole? Henri Karrenbeld (Jul 16)
- <Possible follow-ups>
- Re: identd hole? Jeff Uphoff (Jul 16)
- Re: identd hole? Dave G. (Jul 16)
  - Re: [linux-security] Re: identd hole? lilo (Jul 18)
- Re: identd hole? der Mouse (Jul 16)
- Re: identd hole? Jacob Langseth (Jul 16)