From owner-freebsd-hackers Wed Jun 30 7: 6:53 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from hp9000.chc-chimes.com (hp9000.chc-chimes.com [206.67.97.84]) by hub.freebsd.org (Postfix) with ESMTP id CEB14152A0; Wed, 30 Jun 1999 07:06:50 -0700 (PDT) (envelope-from billf@chc-chimes.com) Received: from localhost by hp9000.chc-chimes.com with SMTP (1.39.111.2/16.2) id AA126036421; Wed, 30 Jun 1999 05:53:41 -0400 Date: Wed, 30 Jun 1999 05:53:41 -0400 (EDT) From: Bill Fumerola To: David O'Brien Cc: Bill Fumerola , hackers@FreeBSD.ORG Subject: Re: tcpdump(1) additions. In-Reply-To: <19990630011532.A97926@dragon.nuxi.com> Message-Id: Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, 30 Jun 1999, David O'Brien wrote: > On Tue, Jun 29, 1999 at 06:54:06PM -0400, Bill Fumerola wrote: > > Unless there is strong feelings against it, I'd like to commit the smb > > patches (as seen on www.samba.org) > > Cool! I've been meaning to do this for quite some time. HOWEVER, please > reference this PGP signed email (I'll send you the full copy) in the > commit message: Excellent. > Note that the Tcpdump patches from www.samba.org are under the GPL. > Andrew Tridgell also warned: > > I should warn you though that there are some security issues with my > tcpdump-smb patches. It is possible for a malicious user to put > packets on the wire that will cause a buffer overflow in the SMB > parser in that code. That could lead to a root exploit. > > I just haven't got around to fixing it yet. Hmmm.. but a non-superuser never sees any of those malicious packets, and the program is not installed suid, so how would that happen? - bill fumerola - billf@chc-chimes.com - BF1560 - computer horizons corp - - ph:(800) 252-2421 - bfumerol@computerhorizons.com - billf@FreeBSD.org - To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message