RE: openbsd 3.4 ps bug

From: thanos F_at_rm@k1s (F_at_rm@k1s)
Date: 11/21/03

  • Next message: Sverre H. Huseby: "Re: Can you exploit this XSS?"
    Date: 21 Nov 2003 08:51:18 -0000
    To: vuln-dev@securityfocus.com
    
    
    ('binary' encoding is not supported, stored as-is)

    This is the reply mail from the openbsd project.

    -------------------------------------------------------------------
    From :
    "Todd C. Miller" <Todd.Miller@courtesan.com>
    To : "sfdodgfs 54tftdsg" <fsvsunix@hotmail.com>
    CC : bugs@openbsd.org
    Subject :Re: Openbsd 3.4 ps utility bug found
    Date :Mon, 17 Nov 2003 12:58:29 -0700
     
    This is not a security flaw per se since ps is not setuid or setgid
    and the bug only applies when you try to specify a memory file and
    swap file on the command line.

    That said, I have found the bug and will commit a fix.

     - todd

    --------------------------------------------------------------------

    This clears up that the bug is not exploitable.


  • Next message: Sverre H. Huseby: "Re: Can you exploit this XSS?"

    Relevant Pages