Date: Wed, 30 Jun 1999 05:53:41 -0400 (EDT) From: Bill Fumerola <billf@chc-chimes.com> To: David O'Brien <obrien@FreeBSD.ORG> Cc: Bill Fumerola <billf@jade.chc-chimes.com>, hackers@FreeBSD.ORG Subject: Re: tcpdump(1) additions. Message-ID: <Pine.HPP.3.96.990630055143.23532N-100000@hp9000.chc-chimes.com> In-Reply-To: <19990630011532.A97926@dragon.nuxi.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 30 Jun 1999, David O'Brien wrote: > On Tue, Jun 29, 1999 at 06:54:06PM -0400, Bill Fumerola wrote: > > Unless there is strong feelings against it, I'd like to commit the smb > > patches (as seen on www.samba.org) > > Cool! I've been meaning to do this for quite some time. HOWEVER, please > reference this PGP signed email (I'll send you the full copy) in the > commit message: Excellent. > Note that the Tcpdump patches from www.samba.org are under the GPL. > Andrew Tridgell also warned: > > I should warn you though that there are some security issues with my > tcpdump-smb patches. It is possible for a malicious user to put > packets on the wire that will cause a buffer overflow in the SMB > parser in that code. That could lead to a root exploit. > > I just haven't got around to fixing it yet. Hmmm.. but a non-superuser never sees any of those malicious packets, and the program is not installed suid, so how would that happen? - bill fumerola - billf@chc-chimes.com - BF1560 - computer horizons corp - - ph:(800) 252-2421 - bfumerol@computerhorizons.com - billf@FreeBSD.org - To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.HPP.3.96.990630055143.23532N-100000>