Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 12 Sep 2000 06:13:57 +0400
From:      "Andrey A. Chernov" <ache@nagual.pp.ru>
To:        Kris Kennaway <kris@FreeBSD.ORG>
Cc:        Szilveszter Adam <sziszi@petra.hos.u-szeged.hu>, freebsd-security@FreeBSD.ORG
Subject:   Re: [paul@STARZETZ.DE: Breaking screen on BSD]
Message-ID:  <20000912061357.A42654@nagual.pp.ru>
In-Reply-To: <Pine.BSF.4.21.0009111756120.93244-100000@freefall.freebsd.org>; from kris@FreeBSD.ORG on Mon, Sep 11, 2000 at 05:57:07PM -0700
References:  <20000911224221.A14920@petra.hos.u-szeged.hu> <Pine.BSF.4.21.0009111756120.93244-100000@freefall.freebsd.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Sep 11, 2000 at 05:57:07PM -0700, Kris Kennaway wrote:
> I thought it was a technique for exploiting the known (and fixed)
> vulnerability in the previous version of the screen port, not a new attack
> in itself.

No, it is a new exploit based on execve behaviour and not related
especially to screen, other programs can be affected too. We definitely
need to fix execve.

-- 
Andrey A. Chernov
<ache@nagual.pp.ru>
http://ache.pp.ru/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000912061357.A42654>