Date: Wed, 10 Jul 1996 02:05:12 -0400 (EDT) From: Patrick <patrick@chloe.dmv.com> To: Gary Palmer <gpalmer@freebsd.org> Cc: cschuber@orca.gov.bc.ca, freebsd-security@freebsd.org Subject: Re: CERT Advisory CA-96.13 - Vulnerability in the dip program Message-ID: <Pine.BSF.3.91.960710020214.399A-100000@chloe.dmv.com> In-Reply-To: <29141.836950855@palmer.demon.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
I tried to use the code that I have that exploits the bug in the linux version, and it fails. The code takes advantage of overrunning the buffer in do_chatkey(). I looked through the BSD source and couldn't find a reference to do_chatkey(). ------------------------------------------------------------------------------ Patrick - Systems Administrator patrick@dmv.com DelMarVa OnLine! - Salisbury, MD On Tue, 9 Jul 1996, Gary Palmer wrote: > Cy Schubert - ITSD Open Systems Group wrote in message ID > <199607092134.OAA16884@passer.osg.gov.bc.ca>: > > I believe that the dip program used under FreeBSD is the same program as > > described below. We're probably vulnerable. > > Apparently not. We don't have `dip' in our base system (we use `tip' > and `cu', the more traditional (if they could be called that) > interfaces. The `dip' port isn't based on the linux one, and from the > package that was on the 2.1.0-RELEASE CDROM: > > -r-xr-xr-x bin/bin 36864 Oct 7 00:33 1995 sbin/dip > -r-xr-xr-x bin/bin 0 Oct 7 00:33 1995 sbin/diplogin link to sbin/dip > > ^ ^ > Note the distinct lack of SUID bits ... > > Gary > -- > Gary Palmer FreeBSD Core Team Member > FreeBSD: Turning PC's into workstations. See http://www.FreeBSD.ORG/ for info >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.960710020214.399A-100000>