Bugtraq mailing list archives

Re: [SECURITY] New versions of netstd fixes buffer overflows

From: chip () PERLSUPPORT COM (Chip Salzenberg)
Date: Mon, 4 Jan 1999 21:00:03 -0500


According to debian-security-announce () LISTS DEBIAN ORG:

We have received reports that the netstd suffered from two buffer
overflows. The first problem is an exploitable buffer overflow in the
bootp server. The second problem is an overflow in the FTP client. Both
problems are fixed in a new netstd package, version 3.07-2hamm.4 .


What about the version in potato, 3.07-7?  Is it vulnerable, too?
--
Chip Salzenberg      - a.k.a. -      <chip () perlsupport com>
      "When do you work?"   "Whenever I'm not busy."

Current thread:

Tripwire mess.. CyberPsychotic (Jan 04)
- Re: [SECURITY] New versions of netstd fixes buffer overflows Chip Salzenberg (Jan 04)
  - Re: [SECURITY] New versions of netstd fixes buffer overflows Wichert Akkerman (Jan 05)
  - Wiping out setuid programs D. J. Bernstein (Jan 05)
    - Re: Wiping out setuid programs Darren Reed (Jan 06)
    - Re: Wiping out setuid programs Illuminatus Primus (Jan 06)
    - Re: Wiping out setuid programs Thamer Al-Herbish (Jan 06)
  - Checking for most recent Solaris Security Patches spamhater () GRYMOIRE COM (Jan 06)
    - Re: Checking for most recent Solaris Security Patches Ronan Waide (Jan 07)
    - NFR Version 2.0.2 Research Now Available Deborah A. Greenberg (Jan 07)
    - Re: Checking for most recent Solaris Security Patches Paul Brunk (Jan 08)
    - Re: Checking for most recent Solaris Security Patches John D Groenveld (Jan 08)

(Thread continues...)