Whoisd buffer overrun
- Previous message (by thread): Whoisd buffer overrun
- Next message (by thread): Whoisd buffer overrun
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Dmitry Morozovsky
marck at ti.ru
Thu Feb 3 14:21:38 CET 2000
On Thu, 3 Feb 2000, RIPE Database Administration wrote: > It was brought to our attention last night that the perl whoisd server > the RIPE NCC is currently running is vulnerable to a buffer overflow > > 1. save the following text as /tmp/whoisdpatch > > ----------cut here------------------------------ > *** whoisd.trunc Wed Feb 2 22:28:34 2000 > --- whoisd Wed Feb 2 22:29:46 2000 [skip] > 2. execute in the directory where your whoisd lives: > $ patch < /tmp/whoisdpatch I suppose everyone should pay attention that patch mentioned is _reverse_ (i.e. old and new file had been swapped) Sincerely, D.Marck --------------------------------------------------------------------- *** Dmitry Morozovsky --- D.Marck --- Wild Woozle --- marck at ti.ru *** ---------------------------------------------------------------------
- Previous message (by thread): Whoisd buffer overrun
- Next message (by thread): Whoisd buffer overrun
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]