Date: Sun, 24 Oct 2004 23:49:18 -0500 From: "Daniel M. Kurry" <gh@over-yonder.net> To: Jerry Bell <jerry@syslog.org> Cc: freebsd-chat@freebsd.org Subject: Re: RedHat: Buffer Overflow in 'ls' and 'mkdir' Message-ID: <20041025044918.GC48024@over-yonder.net> In-Reply-To: <3744.24.98.86.57.1098677603.squirrel@24.98.86.57> References: <200410242157.i9OLvRtV011244@2ens11.uta.edu> <pan.2004.10.24.22.35.11.206965@grimstveit.no> <3744.24.98.86.57.1098677603.squirrel@24.98.86.57>
next in thread | previous in thread | raw e-mail | index | archive | help
Jerry Bell said something like: > A healthy bit of skepticism goes a long way. I choked on the first > sentence: "Redhat found a vulnerability in fileutils (ls and mkdir), that > could allow a remote attacker to execute arbitrary code with root > privileges." The word "remote" stands out like a sore thumb to me. > *cough Then again, RedHat is one of those *Linux derivatives* that are smelling more like Windows by the day. 'ls' could perform a dictionary lookup to point out spelling errors in filenames. Daniel, "Hey, this is -chat, right?" 8-) 8-)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041025044918.GC48024>