Vulnerability Development mailing list archives
Re: UCD-4.2.2 snmptrapd verification
From: Olaf Kirch <okir () caldera de>
Date: Wed, 20 Feb 2002 10:18:32 +0100
On Tue, Feb 19, 2002 at 01:58:26PM -0500, KF wrote:
> Olaf you are one of few that can duplicate this... can you tell us a little more about what you guys found? Is this caused by a specific version of libdb and do you know which one?
This is with the db implementation from sleepycat. At least version 3.3.11 has a db.1.85/PORT/linux/Makefile that adds an snprintf.o to libdb.a that looks like this (removed a bunch of #ifdefs):

    int snprintf(char *str, size_t n, const char *fmt, ...)
    {
        va_list ap;
        int rval;

        va_start(ap, fmt);
        rval = vsprintf(str, fmt, ap);
        va_end(ap);
        return (rval);
    }

They have an equally glorious vsnprintf implementation in the same file. Took me a while to hunt this down. ar t /usr/lib/libdb.a is your friend :)
> Was the box you were on Intel based or PowerPC based? Wes from NAI could only duplicate this on an "old" PowerPC box. I also run PowerPC, an Intel box to throw in the mix would perhaps make this more interesting?
Those were Intel boxes, but at least the bug we've been seeing was not architecture specific. If you're seeing the bug only on a PowerPC, my guess would be that it has a slightly older libdb, or your vendor (RedHat?) released a security patch for IA32 but not the PPC. I can't speak for RedHat, but at least for OpenLinux, releases for another architecture (those few releases that we did so far) were always slightly different from the Intel one, despite having the same version number.

Olaf
--
Olaf Kirch            |  --- o --- Nous sommes du soleil we love when we play
okir () monad swb de  |    / | \   sol.dhoop.naytheet.ah kin.ir.samse.qurax
okir () caldera de    +-------------------- Why Not?! -----------------------
         UNIX, n.: Spanish manufacturer of fire extinguishers.
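An added example, not part of the message above or of the Sleepycat source: a small harness that checks whether a given snprintf honours its size argument, run against the C library's snprintf and against a copy of the wrapper quoted in the message. The names `unbounded_snprintf`, `snprintf_honours_bound`, `check_libc` and `check_quoted_wrapper` are made up for this example, and the destination buffer is deliberately larger than the limit passed, so a non-conforming implementation is detected without corrupting memory.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

typedef int (*snprintf_fn)(char *, size_t, const char *, ...);

/* Copy of the wrapper quoted in the message, renamed (hypothetical name)
 * so that it does not shadow the C library's snprintf. */
static int unbounded_snprintf(char *str, size_t n, const char *fmt, ...)
{
    va_list ap;
    int rval;
    (void)n;                        /* the size limit is never consulted */
    va_start(ap, fmt);
    rval = vsprintf(str, fmt, ap);
    va_end(ap);
    return rval;
}

/* Returns 1 if fn keeps its output within `limit` bytes, 0 otherwise.
 * buf really is 64 bytes, so the 17 bytes an unbounded implementation
 * writes still land inside it and the check itself corrupts nothing. */
int snprintf_honours_bound(snprintf_fn fn)
{
    char buf[64];
    const size_t limit = 8;
    size_t i;

    memset(buf, 0x5A, sizeof buf);              /* canary pattern */
    fn(buf, limit, "%s", "0123456789ABCDEF");   /* constructed input */

    if (buf[limit - 1] != '\0')                 /* must be terminated in bounds */
        return 0;
    for (i = limit; i < sizeof buf; i++)        /* nothing past the limit touched */
        if (buf[i] != 0x5A)
            return 0;
    return 1;
}

int check_libc(void)           { return snprintf_honours_bound(snprintf); }
int check_quoted_wrapper(void) { return snprintf_honours_bound(unbounded_snprintf); }

int main(void)
{
    printf("libc snprintf:  %s\n", check_libc() ? "bounded" : "UNBOUNDED");
    printf("quoted wrapper: %s\n", check_quoted_wrapper() ? "bounded" : "UNBOUNDED");
    return 0;
}
```

The result depends on which snprintf the linker resolves, so the check is only meaningful when built with the same libraries and link order as the program being audited.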