Re: *BSD user-ppp local root (when conditions permit)

看板FB_security作者時間18年前 (2008/03/02 18:51), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串4/6 (看更多)
Dan, good day. Sun, Mar 02, 2008 at 01:48:17AM +0100, Dan Lukes wrote: > Eygene Ryabinkin napsal/wrote, On 03/02/08 00:06: >>> 1. Run ppp >>> 2. type the following (or atleat some variation of) > ... > >> Yes, good catch: looks like stack-based buffer overflow > >> Could you please test the following rough patch > > It seems you are going to cut of part of line silently. > > IMHO - the line shall be rejected as invalid at all or warning needs to be > issued at least ... Yes, I will add the neccessary statements. But first I want to verify that the exploitation path is not available anymore. > Someone may create so long line (unintentionally), it will not work for him > with no hint why - it's not so polite ... May be the buffer should even be dynamically resized -- will look into it. Thanks! -- Eygene _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
更多 rea-fbsd. 的文章
文章代碼(AID): #17oeQb00 (FB_security)
討論串 (同標題文章)
完整討論串 (本文為第 4 之 6 篇):
排序: 最新先 | 最舊先 | 留言數
在新視窗開啟完整討論串 (共6篇)
更多 rea-fbsd. 的文章
文章代碼(AID): #17oeQb00 (FB_security)