Subject: Re: rh 6.2 - gid compromises, etc [+ MORE!!!]
From: Wietse Venema (wietse PORCUPINE.ORG)
Date: Fri Jun 23 2000 - 15:14:26 CDT
- Next message: Frank da Cruz: "Re: [Stan Bubrouski <satan FASTDIAL.NET>: Re: rh 6.2 - gidcompromises, etc [+ MORE!!!]]"
- Previous message: Stan Bubrouski: "Why pine must never be sgid"
- In reply to: Stan Bubrouski: "Re: rh 6.2 - gid compromises, etc [+ MORE!!!]"
- Next in thread: Stan Bubrouski: "Re: rh 6.2 - gid compromises, etc"
- Reply: Wietse Venema: "Re: rh 6.2 - gid compromises, etc [+ MORE!!!]"
-----BEGIN PGP SIGNED MESSAGE-----
Stan Bubrouski:
> tcp_wrappers has buffer overflow when argv[0] is big
> and may have another potential overflow (would be more
> serious) in code dealing with hosts and users more info
> plus crappy patches can be found at:
> http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=11881
The tcpd process name is specified by the super-user in the
inetd.conf file, which is owned by the super-user.
If an attacker can replace the tcpd process name in the inetd.conf
file, then your system has suffered a total breach of security.
The other claims are even more bogus (the poster overlooks that
null-terminated strings are shorter than their containing buffer).
Waste no time on this.
Wietse
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----
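The reply above rests on inetd.conf being changeable only by the super-user. As an added example (not part of the original message and not tcp_wrappers code), this Python check lists the argv[0] values inetd passes to tcpd and flags ownership or mode bits that would let a non-root user change them. The /etc/inetd.conf path, the sample entries and the function names are assumptions.

```python
import os
import stat

# Constructed sample in the classic inetd.conf layout:
# service socket proto wait user server-path argv[0] [args...]
SAMPLE_CONF = """\
# constructed sample, not from the original post
ftp     stream  tcp  nowait  root  /usr/sbin/tcpd  in.ftpd -l -a
telnet  stream  tcp  nowait  root  /usr/sbin/tcpd  in.telnetd
echo    stream  tcp  nowait  root  internal
"""

def wrapped_services(conf_text, wrapper="tcpd"):
    """Return (service, argv0) for each entry that runs through the wrapper."""
    found = []
    for line in conf_text.splitlines():
        if line.lstrip().startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 7:          # blank line or 'internal' service
            continue
        service, server_path, argv0 = fields[0], fields[5], fields[6]
        if os.path.basename(server_path) == wrapper:
            found.append((service, argv0))
    return found

def trust_problems(st_uid, st_mode):
    """List reasons a non-root user could alter the file (and thus argv[0])."""
    problems = []
    if st_uid != 0:
        problems.append("not owned by uid 0")
    if st_mode & stat.S_IWGRP:
        problems.append("group-writable")
    if st_mode & stat.S_IWOTH:
        problems.append("world-writable")
    return problems

def audit(path="/etc/inetd.conf"):
    """Check a real file; the default path is an assumption, adjust per system."""
    st = os.stat(path)
    with open(path) as fh:
        entries = wrapped_services(fh.read())
    return trust_problems(st.st_uid, st.st_mode), entries

if __name__ == "__main__":
    print(wrapped_services(SAMPLE_CONF))
    print(trust_problems(0, 0o100644), trust_problems(1000, 0o100666))
```

An empty problem list from `audit()` means only uid 0 can edit the file that sets tcpd's process name.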