> PS. Not speaking on behalf of FreeBSD.
Speaking on behalf of OpenBSD, and quite a bit drunk from the really
delicious Guinness (TM) I had just recently:
not vulnerable, blah, blah, blah
This has been discovered before (or at least a similar vulnerability) by
w00w00, but there wasn't anything useful (as far as elevating privileges
goes) that was using it at the time. So, unless you can name any suid/sgid
programs using it that will allow the elevation of privileges for
something me
> Furthermore, it is not actually a vulnerability. It seems that setuid
> programs will not accept an alternate termcap file via TERMCAP even under
> the old version of ncurses in FreeBSD 3.x. Therefore this "exploit" can
> only be used on your own binaries.
Sure?
lubi:venglin:~> uname -a
FreeBS
On Mon, 24 Apr 2000, Przemyslaw Frasunek wrote:
> - 3.4-STABLE -- vulnerable
> - 4.0-STABLE -- not tested (probably *not* vulnerable)
-- *not* vulnerable
> - 5.0-CURRENT -- *not* vulnerable
Unfortunately, Mr Frasunek didn't see fit to notify us befo
On Mon, 24 Apr 2000, Kris Kennaway wrote:
> On Mon, 24 Apr 2000, Przemyslaw Frasunek wrote:
>
> > - 3.4-STABLE -- vulnerable
> > - 4.0-STABLE -- not tested (probably *not* vulnerable)
>
> -- *not* vulnerable
>
> > - 5.0-CURRENT -- *not* vulnerable
>
> Unfortuna
On Mon, Apr 24, 2000 at 02:33:13PM +0200, Przemyslaw Frasunek wrote:
> * Vulnerable Versions
>
> - 3.4-STABLE -- vulnerable
> - 4.0-STABLE -- not tested (probably *not* vulnerable)
> - 5.0-CURRENT -- *not* vulnerable
Isn't this an ncurses problem and not a FreeBSD problem? I
buffer0verfl0w security advisory #3
Advisory Name: libncurses buffer overflow
Date: 24/4/00