Bugtraq mailing list archives

Re: More buffer overrun crap -- Solaris 2.5.1 /usr/bin/ps

From: kbrint () VISI COM (kevin brintnall)
Date: Sat, 10 May 1997 12:38:17 -0500

The second tidbit is an apparent buffer overrun in getopt() itself; it
blindly trusts argv[0] and it appears to generate its error message into
a local buffer.  :-)

In any case, even if these potential vulnerability aren't as exploitable
as I might think, I would feel much safer if Sun were to patch these.


the getopt(3) problem has been fixed since 103612-21.  the most current
libc patch is 103612-23.  Get It.

 kevin brintnall <kbrint () visi com>
 network engineer, vector internet
 E3979560EF3E00B7 36D422A3C0F3741C

Current thread:

Irix: misc Yuri Volobuev (May 07)
- Re: Irix: misc J.A. Gutierrez (May 08)
- Re: Irix: misc Jaechul Choe (May 08)
- SGI Security Advisory 19961203-02-PX - IRIX netprint Program SGI Security Coordinator (May 08)
- Bug Serious problem in NEC SOCKS server Trevor Schroeder (May 09)
  - Re: Bug Serious problem in NEC SOCKS server Matt Bush (May 09)
  - Windows 95/NT DoS myst (May 09)
    - More buffer overrun crap -- Solaris 2.5.1 /usr/bin/ps Joe Zbiciak (May 10)
    - Re: More buffer overrun crap -- Solaris 2.5.1 /usr/bin/ps kevin brintnall (May 10)
    - Re: Windows 95/NT DoS Albert Siersema (May 10)
    - Re: Windows 95/NT DoS DiGennaro (May 10)
    - Re: Windows 95/NT DoS Alan Cox (May 11)
    - OOB Quick Fix Aleph One (May 10)
    - Microsoft PowerPoint Security Fix Aleph One (May 10)
    - Re: Windows 95/NT DoS Mikael Brandstrom (May 10)
- Another bug in Explorer Aleph One (May 09)
- Security Vulnerability on Novell Netware WWW Server Axel Dunkel (May 09)