From owner-freebsd-security Mon Aug 19 9: 5: 9 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DC91637B400 for ; Mon, 19 Aug 2002 09:05:05 -0700 (PDT) Received: from TMA-1.brad-x.com (static-b2-191.highspeed.eol.ca [64.56.236.191]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6B5AA43E65 for ; Mon, 19 Aug 2002 09:05:05 -0700 (PDT) (envelope-from brad@brad-x.com) Received: from brad-x.com (Discovery.brad-x.com [201.64.15.21]) by TMA-1.brad-x.com (Postfix) with ESMTP id 2A6A222104A for ; Mon, 19 Aug 2002 12:05:24 -0400 (EDT) Message-ID: <3D611737.4010803@brad-x.com> Date: Mon, 19 Aug 2002 12:05:11 -0400 From: Brad Laue User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.0.0) Gecko/20020806 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-02:38.signed-error References: <200208191256.g7JCuNAd018797@freefall.freebsd.org> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org FreeBSD Security Advisories wrote: > -----BEGIN PGP SIGNED MESSAGE----- > > ============================================================================= > FreeBSD-SA-02:38.signed-error Security Advisory > The FreeBSD Project > > Topic: Boundary checking errors involving signed integers This might be an obtuse question, but I'm going to risk it and ask anyway. Given that accept(2) and getpeername(2) are vulnerable one would think this were remotely exploitable, but I'm not familiar enough to say this for certain. Is this a remotely exploitable issue, or only local? Brad -- // -- http://www.BRAD-X.com/ -- // To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message