Date: Thu, 04 Oct 2007 15:39:08 +0200 From: Stefan Esser <se@FreeBSD.org> To: Mike Tancsa <mike@sentex.net> Cc: freebsd-security@freebsd.org Subject: Re: OpenSSL bufffer overflow Message-ID: <4704ECFC.5070902@FreeBSD.org> In-Reply-To: <200710032349.l93Nn8Co011720@lava.sentex.ca> References: <46FD7595.8090506@FreeBSD.org> <200710032349.l93Nn8Co011720@lava.sentex.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
Mike Tancsa schrieb: > At 05:43 PM 9/28/2007, Stefan Esser wrote: >> I did not see any commits to the OpenSSL code, recently; is anybody >> going to commit the fix? >> >> See http://www.securityfocus.com/archive/1/480855/30/0 for details ... > > How serious is this particular issue ? Is it easily exploitable, or > difficult to do ? Are some apps more at risk of exploitation than > others ? e.g. ssh,apache ? Seems that the following URL (from the FreeBSD Security Advisory) has a better formatted version of the same information as can be found at the location I had given: http://marc.info/?l=bugtraq&m=119091888624735 A trailing '\0' can be written on the position following a buffer, with little effort. The BugTraq entry describes it in detail ... But (AFAIK) no further analysis has been performed. Regards, STefan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4704ECFC.5070902>