Bugtraq mailing list archives
Re: [RHSA-2000:087-02] Potential security problems in ping fixed.
From: antirez <antirez () linuxcare com>
Date: Thu, 19 Oct 2000 11:27:09 +0200
On Wed, Oct 18, 2000 at 12:03:00PM -0400, bugzilla () REDHAT COM wrote:
3. Problem description: Several problems in ping are fixed: 1) Root privileges are dropped after acquiring a raw socket. 2) An 8 byte overflow of a static buffer "outpack" is prevented. 3) An overflow of a static buffer "buf" is prevented. A non-exploitable root only segfault is fixed as well.
Do you also fixed the SIGALRM bombing bug? It allows unprivileged users to sent packets as fast as possible. antirez -- Salvatore Sanfilippo, Open Source Developer, Linuxcare Italia spa +39.049.80 43 411 tel, +39.049.80 43 412 fax antirez () linuxcare com, http://www.linuxcare.com/ Linuxcare. Support for the revolution.
Current thread:
- [RHSA-2000:087-02] Potential security problems in ping fixed. bugzilla (Oct 18)
- Re: [RHSA-2000:087-02] Potential security problems in ping fixed. Joe Laffey (Oct 19)
- Re: [RHSA-2000:087-02] Potential security problems in ping fixed. van der Kooij, Hugo (Oct 20)
- Re: [RHSA-2000:087-02] Potential security problems in ping fixed. Vanja Hrustic (Oct 20)
- Re: [RHSA-2000:087-02] Potential security problems in ping fixed. Tim Robbins (Oct 24)
- Re: [RHSA-2000:087-02] Potential security problems in ping fixed. Pekka Savola (Oct 20)
- Re: [RHSA-2000:087-02] Potential security problems in ping fixed. van der Kooij, Hugo (Oct 20)
- Re: [RHSA-2000:087-02] Potential security problems in ping fixed. Joe Laffey (Oct 19)
- Re: [RHSA-2000:087-02] Potential security problems in ping fixed. antirez (Oct 19)
- <Possible follow-ups>
- Re: [RHSA-2000:087-02] Potential security problems in ping fixed. Joseph Gernandez (Oct 24)
- Re: [RHSA-2000:087-02] Potential security problems in ping fixed. Ryan W. Maple (Oct 24)