OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Marcell Fodor (m.fodormail.datanet.hu)
Date: Fri Apr 19 2002 - 17:42:51 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    ('binary' encoding is not supported, stored as-is) effect:
            local root

     vulnerable services:

            -pass Kerberos IV TGT
            -pass AFS Token

    bug details:

            radix.c
            GETSTRING macro in radix_to_creds
    function may cause buffer overflow.
            affected buffers:
            
                creds->service
                creds->instance
                creds->realm
                creds->pinst

    exploit code here: mantra.freeweb.hu