Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

[linux-security] write(1) leak
From: dholland () EECS HARVARD EDU (David Holland)
Date: Sun, 19 Jan 1997 12:10:00 -0600

Some versions (the util-linux version, but not the netwrite or netkit
versions) of /usr/bin/write have a buffer overrun problem that is
almost certainly exploitable. Note that this gives access to the tty
group, but not (directly) root.

The fix is to change the two sprintfs to snprintfs. Patches have been
mailed to the maintainer.

--
   - David A. Holland             |    VINO project home page:
     dholland () eecs harvard edu    | http://www.eecs.harvard.edu/vino

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]