Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: FAKE: RedHat: Buffer Overflow in "ls" and "mkdir"
From: Stephen Jimson <alf1num3rik () yahoo com>
Date: Tue, 26 Oct 2004 02:57:59 -0700 (PDT)

<snip from the ISC's SANS>
The k-otik folks have an analysis of the bad things
that might happen if you follow the instructions in
the fake RedHat advisory that was reported in
yesterday's diary:

http://www.k-otik.com/news/FakeRedhatPatchAnalysis.txt

<snip>

the source code is also there

Steph


--- Brett Campbell <brett () custom-tech net> wrote:

On Sun, Oct 24, 2004 at 06:18:41PM -0700, Andrew
Farmer wrote:
<snip> 
I did a quickie analysis of the program (which is
basically just 
distributed as source!).
<snip>

when did you get a hold of the tarball? they must've
yanked the record
for www.fedora-redhat.com ... it can't be resolved
in any way.

pretty interesting (and pathetic) anyways, nice
detective work.

-- 
[ Brett R. Campbell ]
 -> Configuration Management / Systems
Administration
 -> Collaborative Agent Design Research Center
 -> California Polytechnic State University, SLO, CA



                
__________________________________
Do you Yahoo!?
Yahoo! Mail Address AutoComplete - You start. We finish.
http://promotions.yahoo.com/new_mail 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]