Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: HP-UX finger possible security hole
From: hofmann () WPAX01 PHYSIK UNI-WUERZBURG DE (hofmann () WPAX01 PHYSIK UNI-WUERZBURG DE)
Date: Wed, 27 May 1998 11:44:25 +0200


Verified this on HP/UX 10.20 (B.10.20 A 9000/778).

The string length limit actually is 80 chars. 81 will cause segfault.
Interestingly, finger only prints 48 chars of the given username. But
it does not crash until the string is longer than 80 chars.

Bye,
Frank Hofmann



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]