Bugtraq mailing list archives
Re: Internet Auditing Project
From: hjp () WSR AC AT (Peter J. Holzer)
Date: Tue, 17 Aug 1999 14:26:33 +0200
On 1999-08-16 09:51:58 +0800, David Luyer wrote:
The tool mentioned in this has a couple of show-stopper bugs
Yes, there is also a buffer overflow in job.c (See attached patch). I
wonder how they could run this program for a month. Maybe they posted a
bug-ridden version to make it a little bit more difficult for the script
kiddies?
hp
--
_ | Peter J. Holzer | Nobody should ever have to be
|_|_) | Sysadmin WSR / Obmann LUGA | ashamed if they have a secret love
| | | hjp () wsr ac at | for writing computer programs that
__/ | http://wsrx.wsr.ac.at/~hjp/ | actually work. -- Donald E. Knuth
diff -u orig/bass-1.0.7/job.c bass-1.0.7/job.c
--- orig/bass-1.0.7/job.c Sun Aug 8 21:43:51 1999
+++ bass-1.0.7/job.c Sun Aug 15 16:51:59 1999
@@ -48,7 +48,7 @@
jobcontrol->alloc += slots + 64;
jobcontrol->pids = (int *) xrealloc(jobcontrol->pids,
jobcontrol->alloc * sizeof(int));
- for(i = jobcontrol->alloc-slots-64; i<jobcontrol->alloc+slots+64; i++)
+ for(i = jobcontrol->alloc-slots-64; i<jobcontrol->alloc; i++)
jobcontrol->pids[i] = JOB_FREE_SLOT;
}
<!-- attachment="bin0a12873" -->
<HR>
<UL>
<LI>application/pgp-signature attachment: stored
</UL>
Current thread:
- Internet Auditing Project Elias Levy (Aug 13)
- Re: Internet Auditing Project Jerry Carlin (Aug 13)
- Re: Internet Auditing Project CyberPsychotic (Aug 16)
- Re: Internet Auditing Project Viljo Hakala (Aug 17)
- Stupid bug in W3-msql gregory duchemin (Aug 17)
- Re: Stupid bug in W3-msql David J. Hughes (Aug 19)
- Httpd Logging Methods v0rt (Aug 23)
- <Possible follow-ups>
- Re: Internet Auditing Project David Luyer (Aug 15)
- Re: Internet Auditing Project Peter J. Holzer (Aug 17)
- [RHSA-1999:028-01] Buffer overflow in libtermcap tgetent() Bill Nottingham (Aug 17)
- Re: [RHSA-1999:028-01] Buffer overflow in libtermcap tgetent() Michal Zalewski (Jul 03)
- Re: [RHSA-1999:028-01] Buffer overflow in libtermcap tgetent() Michal Zalewski (Jul 03)
- Re: [RHSA-1999:028-01] Buffer overflow in libtermcap tgetent() Tymm Twillman (Aug 19)
- Re: [RHSA-1999:028-01] Buffer overflow in libtermcap tgetent() Michal Zalewski (Jul 03)
- [RHSA-1999:029-01] Denial of service attack in in.telnetd Bill Nottingham (Aug 19)
- Re: [RHSA-1999:028-01] Buffer overflow in libtermcap tgetent() Olaf Kirch (Aug 19)
- Insecure use of file in /tmp by trn Martin Schulze (Aug 19)
- Winamp SHOUTcast server: Gain Administrator Password Michael (Aug 20)
- Re: Insecure use of file in /tmp by trn Rogier Wolff (Aug 21)
- Re: Internet Auditing Project Jerry Carlin (Aug 13)
