Bugtraq mailing list archives
Re: Still More Overflows
From: marc () SUSE DE (Marc Heuse)
Date: Wed, 22 Mar 2000 22:39:18 +0100
Hi,
> Way back in August of 1998 I posted a message to this list about a handful of buffer overflows in various utilities that shipped with SuSE Linux 6.2. It seems that after a year and a half a few of these bugs STILL exist. None of these utilities are harmful by themselves, just they may open a security hole when called by a privileged program (see compress below). The original message can be found here: http://www.securityfocus.com/templates/archive.pike?list=1&date=1998-08-29&msg=35EE534C.B0031C53 () usa net
as you already noted: they are all not privileged. but you are right, that they might be called by a privileged process/program and therefore lead to a compromise of the system.

However, those culprits are not the only ones. *many* if not most have got these problems. or other problems as well, like insecurely creating temporary files ... if you check the so called "user security" of the average executable in the /usr/bin directory you should fear the worst.

but the solution is of course not to run for cover and not doing anything. however fixing these bugs is pretty hard. First they are numerous, second it's senseless if SuSE, redhat, caldera etc. etc. fix such bugs on their own (waste of resources!) so patches should be incorporated by the maintainer. and this is often the hard thing: try it out and you will often hear "thanks, but your patch doesn't compile on VMS 6.0 and other-weird-system, ...". Or sometimes they never reply or are bothered by your patch. Or they say what many other people say: "why bother? it's not privileged".

the openbsd team did a great and successful support in securing also the "user space". they are making all their patches available. but still the maintainers of the programs don't incorporate them. what a waste of resources. *sigh*

And then for the next problem: TIME. we are busy fixing important security holes and writing security software. This of course has got priority. However, I will see, that the bugs you mentioned will get fixed - at least within SuSE, but of course I'll pass the patch on to our colleagues from the other distributions and of course try to get patches incorporated by the maintainers...:-)

Greets,
Marc
--
Marc Heuse, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg
E@mail: marc () suse de Function: Security Support & Auditing
"lynx -source http://www.suse.de/~marc/marc.pgp | pgp -fka"
Key fingerprint = B5 07 B6 4E 9C EF 27 EE 16 D9 70 D4 87 B5 63 6C
Current thread:
- Still More Overflows H D Moore (Mar 19)
- <Possible follow-ups>
- Re: Still More Overflows Marc Heuse (Mar 22)