Buffer exploit on gopherd

To: debian-security@lists.debian.org
Subject: Buffer exploit on gopherd
From: Javier Fernandez-Sanguino Peña <jfernandez@sgi.es>
Date: Mon, 18 Sep 2000 09:32:27 +0200
Message-id: <[🔎] 39C5C50B.D0584EC2@sgi.es>

I have just read this on xforce.iss.net 
(http://xforce.iss.net/static/5102.php). It seems that there is
a buffer overflow condition on the halidate function that a remote
attacker could exploit.
	I am unable (yet) to check the sources and see if Debian
is vulnerable, but Debian's version is 2.3.1-2, which makes it
possible.

	Regards

	Javier Fernández-Sanguino Peña
	Debian GNU/Linux developer

begin:vcard 
n:Fernández-Sanguino Peña;Javier
tel;fax:+34-91 806 46 41
tel;work:+34-918064432
x-mozilla-html:FALSE
org:SGI-GMV sistemas;Seguridad Lógica
adr:;;Sector Foresta 1;Tres Cantos;Madrid;E-28760;Spain
version:2.1
email;internet:jfernandez@sgi.es
x-mozilla-cpt:;32352
fn:Javier Fernández-Sanguino Peña
end:vcard

Reply to:

Prev by Date: Re: help me .. guys..
Next by Date: OTP (opie) and ssh
Previous by thread: Re: help me .. guys..
Next by thread: OTP (opie) and ssh
Index(es):
- Date
- Thread