Re: More buffer overrun crap -- Solaris 2.5.1 /usr/bin/ps

kevin brintnall (kbrint@VISI.COM)
Sat, 10 May 1997 12:38:17 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: DiGennaro: "Re: Windows 95/NT DoS"
Previous message: Mikael Brandstrom: "Re: Windows 95/NT DoS"
Maybe in reply to: Joe Zbiciak: "More buffer overrun crap -- Solaris 2.5.1 /usr/bin/ps"

> The second tidbit is an apparent buffer overrun in getopt() itself; it
> blindly trusts argv[0] and it appears to generate its error message into
> a local buffer. :-)

> In any case, even if these potential vulnerability aren't as exploitable
> as I might think, I would feel much safer if Sun were to patch these.

the getopt(3) problem has been fixed since 103612-21. the most current
libc patch is 103612-23. Get It.

kevin brintnall <kbrint@visi.com>
network engineer, vector internet
E3979560EF3E00B7 36D422A3C0F3741C

Next message: DiGennaro: "Re: Windows 95/NT DoS"
Previous message: Mikael Brandstrom: "Re: Windows 95/NT DoS"
Maybe in reply to: Joe Zbiciak: "More buffer overrun crap -- Solaris 2.5.1 /usr/bin/ps"