Date: Tue, 13 Jun 2000 21:12:51 -0700 From: "Andrey A. Chernov" <ache@freebsd.org> To: Igor Roshchin <str@giganda.komkon.org> Cc: security@freebsd.org Subject: Re: wu-ftpd vulnerability - is FreeBSD's port vulnerable ? Message-ID: <20000613211251.A86351@freebsd.org> In-Reply-To: <200006132210.SAA61771@giganda.komkon.org>; from str@giganda.komkon.org on Tue, Jun 13, 2000 at 06:10:02PM -0400 References: <200006132210.SAA61771@giganda.komkon.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jun 13, 2000 at 06:10:02PM -0400, Igor Roshchin wrote: > assumption it will be zeroed - could be, I guess). Aah, an example?;): > USER <much-more-than-128-bytes> ;) No, no SEGV or crash, simply > overwritten piece of memory. Some debugging would be nice. I can say even without debugging that to activate this overflow near 128 bytes user name must be present in /etc/passwd -- Andrey A. Chernov <ache@nagual.pp.ru> http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000613211251.A86351>