Bugtraq mailing list archives
[linux-security] Re: Re: so-called snprintf() in db-1.85.4
From: aleph1 () DFW NET (Aleph One)
Date: Thu, 10 Jul 1997 07:32:06 -0500
---------- Forwarded message ---------- Date: Wed, 9 Jul 1997 11:20:08 -0400 (EDT) From: Illuminati Primus <vermont () gate net> To: Hal DeVore <hdevore () bmc com> Cc: Thomas Roessler <roessler () guug de>, linux-security () redhat com Subject: [linux-security] Re: Re: so-called snprintf() in db-1.85.4 ldd /usr/sbin/sendmail libgdbm.so.1 => /lib/libgdbm.so.1 libdb.so.1 => /usr/lib/libdb.so.1 libc.so.5 => /lib/libc.so.5 Does this mean that the all occurences of snprintf in my sendmail are now susceptible to overflows? Or might the order of the links to the libraries override libdb's snprintf with the libc version? I am unsure about how symbols are loaded from libraries... [mod: I'd vote "YES", sendmail is vulnerable. Strings on /usr/sbin/sendmail gives "snprintf", quite close to the string "libdb.so.2.0.0". The order of the links works as it should when special libraries (like libdb) can override the default (in libc) -- REW] Thanks for any info, -vermont () gate net On Wed, 9 Jul 1997, Hal DeVore wrote:
-----BEGIN PGP SIGNED MESSAGE----- roessler () guug de wrote:There is a severe problem with the db-1.85.4 library's Linux portI just ran nm on my libdb.a and found: snprintf.o: 00000000 t gcc2_compiled. 00000000 T snprintf 00000014 T vsnprintf U vsprintf Without looking at the code I'd bet that the vsnprintf function supplied in this library similarly turns into a vsprintf. Hal -----BEGIN PGP SIGNATURE----- Version: 2.6.3a Charset: noconv iQCVAwUBM8OG50Zrb8SDJ8hxAQE77wP/a10vOmulKy3hOcG9bqwBA64m7OEejqv7 7CiRGcRepHyowVMHvp2P7pITCYohGxpEweljnA4iqHy8WG68No8pK2YOjp7RDLda WcS+CvImoLX7gBZK3LBQpmWqtrHfwO/I3QaqfietW93mG0PPrysRGhUNi94+MKB5 4SUgslHA42U= =AkPG -----END PGP SIGNATURE-----
Current thread:
- [linux-security] Re: Re: so-called snprintf() in db-1.85.4 Aleph One (Jul 10)
- Re: [linux-security] Re: Re: so-called snprintf() in db-1.85.4 Willy TARREAU (Jul 10)
- libdb snprintf under Digital Unix David Krinsky (Jul 10)
- GETADMIN 2 - THE SEQUEL Mark Joseph Edwards (Jul 10)