Vulnerability Development mailing list archives
potential chage ovf
From: marcys () FREE COM PL (m4rcyS)
Date: Wed, 17 Nov 1999 15:01:24 +0100
I've found that chage (+s, rh 6.1) strcpy()'s lines from /etc/passwd. I've no sources by my hand but I think there's possibility to overflow chage with the GECOS field ... greetz, ____________________________________________________________ m4rcyS email: marcys () free com pl, m () sh pl "I think there is a world market for maybe five computers." - Thomas Watson, chairman of IBM, 1943 ------------------------------------------------------------
Current thread:
- MS Outlook javascript parsing bug Mikael Olsson (Nov 09)
- Open Port on Win98 box tschweikle () FIDUCIA DE (Nov 10)
- Re: Open Port on Win98 box Marc Esipovich (Nov 09)
- Re: Open Port on Win98 box Marc Esipovich (Nov 09)
- Re: Open Port on Win98 box Mike Bush (Nov 13)
- Re: Open Port on Win98 box Marc Esipovich (Nov 09)
- Re: Open Port on Win98 box Blue Boar (Nov 10)
- Re: Open Port on Win98 box Dragos Ruiu (Nov 10)
- minor (?) mc bug m4rcyS (Nov 10)
- Re: minor (?) mc bug Blue Boar (Nov 13)
- potential chage ovf m4rcyS (Nov 17)
- Open Port on Win98 box tschweikle () FIDUCIA DE (Nov 10)
- <Possible follow-ups>
- Re: MS Outlook javascript parsing bug Reed, David (Nov 10)