Full Disclosure mailing list archives
Sharutils buggy?
From: full-disclosure () lists netsys com (Charles 'core' Stevenson)
Date: Tue, 16 Jul 2002 05:00:56 -0600
That's just plan evil Peter! ;) peace, core Peter Bieringer wrote:
--On Tuesday, July 16, 2002 01:24:30 AM +0200 martin f krafft <madduck () madduck net> wrote:I'd like to get some educated thoughts and opinions on a recently found potential bug: http://www.aerasec.de/security/index.html?lang=en&id=ae-200205-037 http://online.securityfocus.com/bid/4742 http://www.aerasec.de/security/index.html?lang=en&id=ae-200205-049 http://www.aerasec.de/security/index.html?lang=en&id=ae-200204-033 http://bugs.debian.org/149454 http://www.kb.cert.org/vuls/id/336083One additial memo: The original advisory and afaik the fixed version from RHL still not metioned that devices also are candidates for overwriting. Think about begin 666 /dev/hda ... Peter _______________________________________________ Full-Disclosure - We believe in it. Full-Disclosure () lists netsys com http://lists.netsys.com/mailman/listinfo/full-disclosure
Current thread:
- Sharutils buggy? martin f krafft (Jul 15)
- Sharutils buggy? Roland Postle (Jul 15)
- Sharutils buggy? Charles 'core' Stevenson (Jul 15)
- Sharutils buggy? Charles 'core' Stevenson (Jul 15)
- Sharutils buggy? Charles 'core' Stevenson (Jul 15)
- Sharutils buggy? Charles 'core' Stevenson (Jul 15)
- Sharutils buggy? KF (Jul 15)
- Sharutils buggy? KF (Jul 15)
- Sharutils buggy? Charles 'core' Stevenson (Jul 15)
- Sharutils buggy? Roland Postle (Jul 15)
- Sharutils buggy? Charles 'core' Stevenson (Jul 16)