search for: btellier

Brock Tellier <btellier@WEBLEY.COM> writes: > Virtually any program using the GNOME libraries is vulnerable to a > buffer overflow attack. The attack comes in the form: > > /path/to/gnome/prog --enable-sound --espeaker=$80bytebuffer > The following exploit should work against any GNOME program, th...

...package with the following command: rpm --checksig <filename> If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg <filename> 8. References: Thanks to Brock Tellier at btellier@USA.NET for noting the vulnerability in resend, to Shevek at shevek@anarres.org and Olaf Kirch at okir@monad.swb.de for noting the vulnerability in the wrapper.

--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: Netscape 4.73 available Advisory ID: RHSA-2000:028-02 Issue date: 2000-05-19 Updated on: 2000-05-19 Product: Red Hat Linux Keywords: netscape SSL telnet rlogin Cross references: