Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Buffer overflow in bing
From: Kris Kennaway <kris () FREEBSD ORG>
Date: Mon, 22 Jan 2001 17:33:40 -0800

On Fri, Jan 19, 2001 at 08:30:01PM +0100, Pierre Beyssac wrote:
On Fri, Jan 19, 2001 at 06:52:27PM +0100, Paul Starzetz wrote:
The buffer overflowed is a 80 byte static local buffer:
    static char buf[80];

It is patched by default in FreeBSD's package collection. Here's
the patch below (author: jseger () freebsd org).

Actually, the patch was mine :-)

revision 1.1
date: 2000/03/05 05:30:54;  author: kris;  state: Exp;
This is a setuid root binary. sprintf()s of DNS hostnames into undersized
buffers are bad. Fix this. It should also drop privileges for extra
safety, but doesn't.


NOTE: To fetch an updated copy of my GPG key which has not expired,
finger kris () FreeBSD org

Attachment: _bin

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]