Locate overflow / Promiscuous mode / Posting tips

davemISS.NET

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Randy Richardson: "Re: NMRC Advisory - Default NDS Rights"
• Previous message: J. Joseph Max Katz: "Re: BASH buffer overflow, LiNUX x86 exploit"
• In reply to: Crispin Cowan: "Re: BASH buffer overflow, LiNUX x86 exploit"
• Next in thread: Crispin Cowan: "Re: Locate overflow / Promiscuous mode / Posting tips"

The overflow in locate was reported to bugtraq at least on 3/6/98 by
Michal Zalewski (http://www.geek-girl.com/bugtraq/1998_1/0351.html).

It's probably also worth noting the promiscuous thread has been discussed
numerous times before; the particular method in this thread was noted
on comp.security.unix by Stefan Schmidt on 10/19/97, although I don't
believe it was even new at that time (but I don't have an earlier reference).

It might be worthwhile to the whole bugtraq community if people were to do
at least a cursory search on a bugtraq and usenet archive, and if
there has been relevant material to provide references to the prior
published work and limit their comments to that which is new.

Places to research your posts include:
(http://www.geek-girl.com/bugtraq/search.html, http://www.dejanews.com)

I have been guilty of this in the past, in fact I'm guilty of it right now
as this has been said before, but maybe a friendly reminder would help
raise the S:N ratio.

-Dave

"So... how much longer is this futile slashing going to continue?"
                                             -Theo de Raadt

• Next message: Randy Richardson: "Re: NMRC Advisory - Default NDS Rights"
• Previous message: J. Joseph Max Katz: "Re: BASH buffer overflow, LiNUX x86 exploit"
• In reply to: Crispin Cowan: "Re: BASH buffer overflow, LiNUX x86 exploit"
• Next in thread: Crispin Cowan: "Re: Locate overflow / Promiscuous mode / Posting tips"