[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    Re: [linux-security] ncpmount/ncpumount
From:       Alan Cox <coxa () cableol ! net>
Date:       1996-10-21 17:58:41
[Download RAW message or body]

> >I haven't had a chance to look at the source code yet, but it appears that
> >ncpmount and ncpumount suffer from exactly the same problem that mount and
> >umount did. In fact, the mount exploit that was so widely circulated works
> >with ncpumount with no modifications.
>
> The buffer overflow you are referring to is hidden in the realpath(3)
> function.  So the mount programs are the wrong ones to blame.  Rather
> update your C library.

If its the same as mount, and wu.ftpd it includes realpath (broken version)
with the program and uses that instead of the (fixed) libc one.

Alan

[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic