From owner-freebsd-bugs  Sat Nov 21 20:39:57 1998
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id UAA27917
          for freebsd-bugs-outgoing; Sat, 21 Nov 1998 20:39:57 -0800 (PST)
          (envelope-from owner-freebsd-bugs@FreeBSD.ORG)
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA27909
          for <freebsd-bugs@FreeBSD.org>; Sat, 21 Nov 1998 20:39:56 -0800 (PST)
          (envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.8.8/8.8.5) id UAA00498;
	Sat, 21 Nov 1998 20:40:01 -0800 (PST)
Date: Sat, 21 Nov 1998 20:40:01 -0800 (PST)
Message-Id: <199811220440.UAA00498@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.ORG
From: David Greenman <dg@root.com>
Subject: Re: bin/8790: [PATCH] Buffer overrun in nvi-1.79. 
Reply-To: David Greenman <dg@root.com>
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

The following reply was made to PR bin/8790; it has been noted by GNATS.

From: David Greenman <dg@root.com>
To: viro@math.psu.edu
Cc: FreeBSD-gnats-submit@FreeBSD.ORG
Subject: Re: bin/8790: [PATCH] Buffer overrun in nvi-1.79. 
Date: Sat, 21 Nov 1998 20:39:19 -0800

 >	Regex used in nvi is vulnerable to the following exploit:
 
    I'm wondering what you mean by "exploitable buffer overrun"...? You make
 this sound like a security problem, but nvi isn't installed suid/sgid.
 
 -DG
 
 David Greenman
 Co-founder/Principal Architect, The FreeBSD Project

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message