From owner-freebsd-security Tue Apr 21 04:20:15 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id EAA16578 for freebsd-security-outgoing; Tue, 21 Apr 1998 04:20:15 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from kamna.eunet.cz (kamna.eunet.cz [193.85.255.30]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id LAA16112 for ; Tue, 21 Apr 1998 11:17:03 GMT (envelope-from martin@eunet.cz) Message-Id: <199804211117.LAA16112@hub.freebsd.org> Received: (qmail 9721 invoked from network); 21 Apr 1998 11:16:20 -0000 Received: from woody.eunet.cz (HELO eunet.cz) (@193.85.255.60) by kamna.eunet.cz with SMTP; 21 Apr 1998 11:16:20 -0000 X-Mailer: exmh version 2.0.2 2/24/98 To: freebsd-security@FreeBSD.ORG Subject: Re: Nasty security hole in "lprm" (fwd) In-reply-to: Your message of "Mon, 20 Apr 1998 13:57:42 EDT." Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Tue, 21 Apr 1998 13:16:19 +0200 From: Martin Machacek Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk > > Do we got this one? > > lprm -Psome_remote `perl -e 'print "a" x 2000'` > Segmentation fault Seems, that at least FreeBSD-3.0 is safe. I've tried it in tcsh, csh, bash an sh and I've got either: : lpd: Command line too long or Word too long. The ultimate check is to look into code, of course ... -- Martin Machacek [Internet CZ, Zirovnicka 6/3133, 106 00 Prague 10, Czech Republic] [phone: +420 2 71760337 fax: +420 2 24245125] [PGP KeyID 00F9E4BD] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message