Home page logo
/

bugtraq logo Bugtraq mailing list archives

Clarification needed on the snoop vuln(s)
From: ah () SECURITYFOCUS COM (Alfred Huger)
Date: Thu, 9 Dec 1999 11:56:11 -0800


As you all know, we have recently seen two /usr/sbin/snoop overflows.
Posted by both ISS and w00w00. Sun has released patches for the ISS
vulnerability, what I am wondering is, does this also solve the w00w00
problem.

For referance the patches in question are:

Solaris 7       sparc   108482-01
Solaris 7       x86     108483-01
Solaris 5.6     sparc   108492-01
Solaris 5.6     x86     108493-01
Solaris 5.5     sparc   108501-01
Solaris 5.5     x86     108502-01
Solaris 5.4     sparc   108490-01
Solaris 5.4     x86     108491-01
Solaris 5.3     sparc   108489-01

The vulnerabilties in question are:

ISS /usr/sbin/snoop:

http://www.securityfocus.com/bid/864

w00w00 /usr/sbin/snoop overflow:

http://www.securityfocus.com/bid/858

Alfred Huger
VP of Engineering
SecurityFocus.com


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]