Re: ecartis / listar PoC
From: KF (dotslash@snosoft.com)Date: 04/26/02
- Previous message: David Korn: "RE: Microsoft Baseline Security Analyzer exploit (Exposed vulnera bilities' list)"
- Maybe in reply to: KF: "ecartis / listar PoC"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 26 Apr 2002 09:04:40 -0400 From: KF <dotslash@snosoft.com> To: John Madden <weez@freelists.org>
The thing is this is the least of their worries... and as you said the
author IS working dilligently to fix the issues at hand. As for the
patch ... knock your self out heres the errant code.
[root@ghetto ecartis-1.0.0]# grep -n pathname"\[" src/core.c
80:char pathname[BIG_BUF];
[root@ghetto ecartis-1.0.0]# grep -n "sprintf(pathname" src/core.c
891: sprintf(pathname, "%s", argv[0]);
-KF
John Madden wrote:
>On Wednesday 24 April 2002 08:56 pm, KF wrote:
>
>>Heres some code for this post a while back ...
>>http://online.securityfocus.com/archive/82/258763
>>This is NOT the same issue in the my_strings.c there are MULTIPLE issues
>>in ecartis still and the same goes for listar...
>>This issue is a strcpy from argv to a fixed buffer .... nothing special.
>>
>
>Please see Ecartis' mailing list archives regarding these issues. They're
>aware of the problems and are working to resolve them.
>
>How about, instead of just telling us about there being multiple issues
>and posting an exploit, you post a patch to help fix the issues?
>
>Thanks,
> John
>
>
>
>
>
>
>
>
- Previous message: David Korn: "RE: Microsoft Baseline Security Analyzer exploit (Exposed vulnera bilities' list)"
- Maybe in reply to: KF: "ecartis / listar PoC"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
