|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: Potential security problem with mtr - fixed
From: Jeff Dafoe (jeffd
EVCOM.NET)Date: Mon Mar 06 2000 - 09:24:56 CST
- Next message: Andrei Koulik: "Re: Minor security problem in The Bat!"
- Previous message: Viktor Fougstedt: "Re: Potential security problem with mtr"
- In reply to: Viktor Fougstedt: "Potential security problem with mtr"
- Reply: Jeff Dafoe: "Re: Potential security problem with mtr - fixed"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> The mtr developers have been contacted on the address supplied with
> the code, but no reply has been received.
>
> The remedy to this problem is very simple: the call to seteuid()
> should be replaced with a call to setuid(). Apply the following
> diff to mtr.c
> in the mtr distribution.
From /usr/doc/mtr/changelog.Debian.gz:
mtr (0.28-1) stable; urgency=high
* Security fix for theoretical stack-smash-and-fork attack -
s/seteuid/setuid/ in mtr.c
- Next message: Andrei Koulik: "Re: Minor security problem in The Bat!"
- Previous message: Viktor Fougstedt: "Re: Potential security problem with mtr"
- In reply to: Viktor Fougstedt: "Potential security problem with mtr"
- Reply: Jeff Dafoe: "Re: Potential security problem with mtr - fixed"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]