Full Disclosure mailing list archives
Re: FAKE: RedHat: Buffer Overflow in "ls" and "mkdir"
From: Stephen Jimson <alf1num3rik () yahoo com>
Date: Tue, 26 Oct 2004 02:57:59 -0700 (PDT)
<snip from the ISC's SANS> The k-otik folks have an analysis of the bad things that might happen if you follow the instructions in the fake RedHat advisory that was reported in yesterday's diary: http://www.k-otik.com/news/FakeRedhatPatchAnalysis.txt <snip> the source code is also there Steph --- Brett Campbell <brett () custom-tech net> wrote:
On Sun, Oct 24, 2004 at 06:18:41PM -0700, Andrew Farmer wrote: <snip>I did a quickie analysis of the program (which isbasically justdistributed as source!).<snip> when did you get a hold of the tarball? they must've yanked the record for www.fedora-redhat.com ... it can't be resolved in any way. pretty interesting (and pathetic) anyways, nice detective work. -- [ Brett R. Campbell ] -> Configuration Management / Systems Administration -> Collaborative Agent Design Research Center -> California Polytechnic State University, SLO, CA
__________________________________ Do you Yahoo!? Yahoo! Mail Address AutoComplete - You start. We finish. http://promotions.yahoo.com/new_mail _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- FAKE: RedHat: Buffer Overflow in "ls" and "mkdir" Hugo van der Kooij (Oct 24)
- Re: FAKE: RedHat: Buffer Overflow in "ls" and "mkdir" Harry Hoffman (Oct 24)
- Re: FAKE: RedHat: Buffer Overflow in "ls" and "mkdir" Andrew Farmer (Oct 24)
- Re: [security] Re: FAKE: RedHat: Buffer Overflow in "ls" and "mkdir" Brett Campbell (Oct 26)
- Re: FAKE: RedHat: Buffer Overflow in "ls" and "mkdir" Vincent Archer (Oct 25)
- Re: FAKE: RedHat: Buffer Overflow in "ls" and "mkdir" Andrew Farmer (Oct 24)
- <Possible follow-ups>
- FAKE: RedHat: Buffer Overflow in "ls" and "mkdir" Feher Tamas (Oct 25)
- Re: FAKE: RedHat: Buffer Overflow in "ls" and "mkdir" Stephen Jimson (Oct 26)
- Re: FAKE: RedHat: Buffer Overflow in "ls" and "mkdir" Harry Hoffman (Oct 24)