Hi Adam, On Tue, Jun 24, 2003 at 07:50:19PM -0700, Adam Schmidt wrote:
Both /usr/sbin/chat and /usr/sbin/packer are vulnerable to a buffer overflow on SuSE 8.0 Professional, and other versions possibly. These are local compromises. I am currently working on the code for educational purposes.
Thank you for your bug report. We very much appreciate if people scrutinize Linux utilities for security holes, and share their insights. Are you aware that suse-security is a public mailing list, and that the better address for submitting a security bug report would have been security@suse.de? In order to provide timely fixes to Linux users, would you send us more detailed information on what the problems are (preferably to security@suse.de rather than a public forum :) ? Thanks, Olaf -- Olaf Kirch | Anyone who has had to work with X.509 has probably okir@suse.de | experienced what can best be described as ---------------+ ISO water torture. -- Peter Gutmann