From owner-freebsd-security  Tue Jun 13 21:12:53 2000
Delivered-To: freebsd-security@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 542)
	id E234E37BB90; Tue, 13 Jun 2000 21:12:51 -0700 (PDT)
Date: Tue, 13 Jun 2000 21:12:51 -0700
From: "Andrey A. Chernov" <ache@freebsd.org>
To: Igor Roshchin <str@giganda.komkon.org>
Cc: security@freebsd.org
Subject: Re: wu-ftpd vulnerability - is FreeBSD's port vulnerable ?
Message-ID: <20000613211251.A86351@freebsd.org>
References: <200006132210.SAA61771@giganda.komkon.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.95.4i
In-Reply-To: <200006132210.SAA61771@giganda.komkon.org>; from str@giganda.komkon.org on Tue, Jun 13, 2000 at 06:10:02PM -0400
Organization: Biomechanoid
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Tue, Jun 13, 2000 at 06:10:02PM -0400, Igor Roshchin wrote:
> assumption it will be zeroed - could be, I guess). Aah, an example?;):
> USER <much-more-than-128-bytes> ;) No, no SEGV or crash, simply
> overwritten piece of memory. Some debugging would be nice.

I can say even without debugging that to activate this overflow near 128 bytes 
user name must be present in /etc/passwd

-- 
Andrey A. Chernov
<ache@nagual.pp.ru>
http://ache.pp.ru/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message