On Tue, Jul 06, 2004 at 09:23:08PM +0000, clayton rollins wrote: > Hi all, > > Before I start, this isn't likely a huge security risk. It probably doesn't > require delay of release unless someone shows a practical exploit.
Just from a quick glance: The buffer overflow warning is issued in shell.c:821. It simply means that the line to read from the socket (to which you are connected using telnet) contains a line that is longer than the line buffer. It doesn't actually perform any operation that would write over the buffer's boundaries, because it detects if it would do so. So it's nothing to worry about (it cannot be exploited). Greetings, Thomas. ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Gtk-gnutella-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/gtk-gnutella-devel
