Re: *BSD user-ppp local root (when conditions permit)
- From: Eygene Ryabinkin <rea-fbsd@xxxxxxxxxxx>
- Date: Sun, 2 Mar 2008 08:59:53 +0300
Dan, good day.
Sun, Mar 02, 2008 at 01:48:17AM +0100, Dan Lukes wrote:
Eygene Ryabinkin napsal/wrote, On 03/02/08 00:06:
...1. Run ppp
2. type the following (or atleat some variation of)
Yes, good catch: looks like stack-based buffer overflow
Could you please test the following rough patch
It seems you are going to cut of part of line silently.
IMHO - the line shall be rejected as invalid at all or warning needs to be
issued at least ...
Yes, I will add the neccessary statements. But first I want to
verify that the exploitation path is not available anymore.
Someone may create so long line (unintentionally), it will not work for him
with no hint why - it's not so polite ...
May be the buffer should even be dynamically resized -- will look
into it.
Thanks!
--
Eygene
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"
- Follow-Ups:
- Re: *BSD user-ppp local root (when conditions permit)
- From: Eygene Ryabinkin
- Re: *BSD user-ppp local root (when conditions permit)
- References:
- Re: *BSD user-ppp local root (when conditions permit)
- From: Eygene Ryabinkin
- Re: *BSD user-ppp local root (when conditions permit)
- From: Dan Lukes
- Re: *BSD user-ppp local root (when conditions permit)
- Prev by Date: Re: *BSD user-ppp local root (when conditions permit)
- Next by Date: Re: *BSD user-ppp local root (when conditions permit)
- Previous by thread: Re: *BSD user-ppp local root (when conditions permit)
- Next by thread: Re: *BSD user-ppp local root (when conditions permit)
- Index(es):
Relevant Pages
|
|
