[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Preparation of the next stable Debian GNU/Linux update (I)

Holger Levsen wrote:
> On Saturday 16 September 2006 08:50, Martin Schulze wrote:
> > The first one doesn't look like a real security problem.
> Please explain why you think that putting arbitrary long strings into fixed 
> sized buffers is not a security problem, preferedly in the bugreport.

Please explain how an attacker can exploit this and force slapd to
put arbitrary long strings into fixed sized buffers.

Precondition: Requiring either root permissions or LDAP admin
permissions don't count.



Have you ever noticed that "General Public Licence" contains the word "Pub"?

Reply to: