Re: bin/64150: [PATCH] ls(1) coredumps when started via execve(2

看板FB_security作者時間22年前 (2004/03/13 03:16), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串2/12 (看更多)
On Fri, Mar 12, 2004 at 01:06:57PM +0200, Ruslan Ermilov wrote: > And the fact that optind is initially set to 1. I wonder what > could be the implications for setuid programs. There could be > quite unpredictable results, as the "argv" pointer is incorrectly > advanced in this case, and at least several setuid programs that > I've glanced at are vulnerable to this attack. See also: http://www.freebsd.org/cgi/query-pr.cgi?pr=33738 Marc _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
更多 marcolz. 的文章
文章代碼(AID): #10KWns00 (FB_security)
討論串 (同標題文章)
完整討論串 (本文為第 2 之 12 篇):
排序: 最新先 | 最舊先 | 留言數
在新視窗開啟完整討論串 (共12篇)
更多 marcolz. 的文章
文章代碼(AID): #10KWns00 (FB_security)