Here are my preliminary tests: 5.2.18 is vulnerable (stock Redhat 3.0.3) 5.3.12 does not appear vulnerable (stock Redhat 4.0, I think) Dave G. <daveg@escape.com> http://www.escape.com/~daveg
Hackboy--Defender of all things Digital
1997-Feb-19 00:05 UTC
Re: [linux-security] NLSPATH Stack Overwrite
On Fri, 14 Feb 1997, Dave G. wrote:> Here are my preliminary tests: > > 5.2.18 is vulnerable (stock Redhat 3.0.3) > 5.3.12 does not appear vulnerable (stock Redhat 4.0, I think) >The 5.3.12-8 package is vunerable (ran the prog and got a root prompt) but the 5.3.12-17 package that''s in the upgrades dir for 4.0 is not. --- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ And sanity is really just a one trick pony, bkreed@acm.org anyway. I mean, all you get is one trick, bkreed@cs.twsu.edu RATIONAL THINKING! But when you''re good bkreed@squashduck.com and crazy, the sky''s the limit!" http://www.squashduck.com - The TICK Bryan K. Reed ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 5.2.18 is vulnerable (stock Redhat 3.0.3) > 5.3.12 does not appear vulnerable (stock Redhat 4.0, I think)Stock Red Hat 4.0 is vulnerable to NLSPATH overruns, one with the current libc-5.3.12 rpms from about 2 months ago isnt. Thats one of the many things it fixed. There were also the DNS buffer overruns in rcmd, and some other BSD shared ones that openbsd I think also swatted about the same time, if not a bit earlier. Alan
I mentioned this on bugtraq, but why not repeat? Debian 1.2.x is not vulnerable. Debian 1.1.x is. Dave G. wrote:> > Here are my preliminary tests: > > 5.2.18 is vulnerable (stock Redhat 3.0.3) > 5.3.12 does not appear vulnerable (stock Redhat 4.0, I think) > > Dave G. > <daveg@escape.com> > http://www.escape.com/~daveg