Date: Mon, 24 Apr 2000 12:32:10 -0700 (PDT) From: Kris Kennaway <kris@FreeBSD.org> To: Przemyslaw Frasunek <venglin@FREEBSD.LUBLIN.PL> Cc: BUGTRAQ@SECURITYFOCUS.COM, freebsd-security@freebsd.org, security-officer@freebsd.org Subject: Re: freebsd libncurses overflow Message-ID: <Pine.BSF.4.21.0004241225510.77386-100000@freefall.freebsd.org> In-Reply-To: <Pine.BSF.4.21.0004241152420.77386-100000@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 24 Apr 2000, Kris Kennaway wrote:
> On Mon, 24 Apr 2000, Przemyslaw Frasunek wrote:
>
> > - 3.4-STABLE -- vulnerable
> > - 4.0-STABLE -- not tested (probably *not* vulnerable)
>
> -- *not* vulnerable
>
> > - 5.0-CURRENT -- *not* vulnerable
>
> Unfortunately, Mr Frasunek didn't see fit to notifying us before releasing
> his advisory - it will probably be a day or two before this gets
> fixed. Sorry all.
Furthermore, it is not actually a vulnerability. It seems that setuid
programs will not accept an alternate termcap file via TERMCAP even under
the old version of ncurses in FreeBSD 3.x. Therefore this "exploit" can
only be used on your own binaries.
(If we'd have been told beforehand I could have saved Mr Frasunek the
embarrassment ;-)
Kris
----
In God we Trust -- all others must submit an X.509 certificate.
-- Charles Forsythe <forsythe@alum.mit.edu>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0004241225510.77386-100000>