mailing list archives
Re: [RHSA-1999:017-01] Potential security problem in Red Hat 6.0 net-tools. (fwd)
From: daw () CS BERKELEY EDU (David Wagner)
Date: Sun, 11 Jul 1999 18:54:36 -0700
In article <m3iu8coudx.fsf () soma andreas org>,
Andreas Bogk <andreas () ANDREAS ORG> wrote:
Raymond Dijkxhoorn <raymond () THRIJSWIJK NL> writes:
7. Problem description:
Several potential buffer overruns have been corrected within the net-tools
Could someone from RedHat please identify the programs in
question, their version numbers, the history of the code or something
else which allows me to find out whether I'm affected or not?
I'm not from RedHat. But maybe I can try to help a little, since I think I
was the one who reported these vulnerabilities.
I think the problem is present in nettools-1.52 and prior versions. There
were a number of buffer overruns. To see an example of one, try grepping for
strcpy in lib/inet.c; if you see something like ``strcpy(name, hp->h_name);''
you might have the vulnerable version; if you see lots of safe_strncpy()'s,
you probably have the safe version. (I think.)
Maybe this is enough to get you started.
But please take this with a grain of salt. I am an outsider. For official
answers, you'd do better to ask RedHat or the code maintainers.
Credits: These buffer overruns were found with the help of an automated code
auditing tool which was developed in collaboration with Jeff Foster, Eric
Brewer, and Alex Aiken (also at Berkeley).
- Re: [RHSA-1999:017-01] Potential security problem in Red Hat 6.0 net-tools. (fwd) David Wagner (Jul 12)