| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: alf1num3rik at yahoo.com (Stephen Jimson) Subject: FAKE: RedHat: Buffer Overflow in "ls" and "mkdir" <snip from the ISC's SANS> The k-otik folks have an analysis of the bad things that might happen if you follow the instructions in the fake RedHat advisory that was reported in yesterday's diary: http://www.k-otik.com/news/FakeRedhatPatchAnalysis.txt <snip> the source code is also there Steph --- Brett Campbell <brett@...tom-tech.net> wrote: > On Sun, Oct 24, 2004 at 06:18:41PM -0700, Andrew > Farmer wrote: > <snip> > > I did a quickie analysis of the program (which is > basically just > > distributed as source!). > <snip> > > when did you get a hold of the tarball? they must've > yanked the record > for www.fedora-redhat.com ... it can't be resolved > in any way. > > pretty interesting (and pathetic) anyways, nice > detective work. > > -- > [ Brett R. Campbell ] > -> Configuration Management / Systems > Administration > -> Collaborative Agent Design Research Center > -> California Polytechnic State University, SLO, CA > __________________________________ Do you Yahoo!? Yahoo! Mail Address AutoComplete - You start. We finish. http://promotions.yahoo.com/new_mail
Powered by blists - more mailing lists