[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    Update on Linux unfsd
From:       Olaf Kirch <okir () MONAD ! SWB ! DE>
Date:       1998-08-29 10:06:15
[Download RAW message or body]

Hi everybody,

heres an update on the Linux unfsd hole. The problem (as most may
have found out by now looking at the diffs) was a buffer overrun in
the code that was supposed to log failed mount attempts :-/

This means, the bug can be exploited even if your client is not listed
in the exports file.

In the meantime, I have released a fixed version. It's available from
linux.mathematik.tu-darmstadt.de in /pub/linux/people/okir, the file's
called nfs-server-2.2beta36.tar.gz.

I had previously released 2.2beta35, but shortly after I uploaded it
a bug was found in the handling of some mount requests.

Note that the upgrade RPM for Caldera OpenLinux is nfs-server-2.2beta35-2,
available from ftp://ftp.caldera.com/pub/OpenLinux/updates/1.2.
Despite the 35 in the name, it has the aforementioned mount problem
fixed.

Olaf
--
Olaf Kirch         |  --- o --- Nous sommes du soleil we love when we play
okir@monad.swb.de  |    / | \   sol.dhoop.naytheet.ah kin.ir.samse.qurax
okir@caldera.de    +-------------------- Why Not?! -----------------------
         UNIX, n.: Spanish manufacturer of fire extinguishers.

[prev in list] [next in list] [prev in thread] [next in thread]