Bugtraq mailing list archives

Re: A vulnerability in Lynx (all versions)

From: deraadt () CVS OPENBSD ORG (Theo de Raadt)
Date: Mon, 5 May 1997 17:08:30 -0600

Fix: Why don't people like using mktemp() or tmpfile() ?


mktemp() isn't a solution, since it is still raceable.
mkstemp() is the solution.

In OpenBSD we've killed about 400 or so of these; some exploitable,
some perhaps not.

Current thread:

Re: Buffer Overflows: A Summary, (continued)
- Re: Buffer Overflows: A Summary Tommy Marcus McGuire (May 02)
  - Re: Buffer Overflows: A Summary Gene Spafford (May 02)
  - Windows NT 4.0 SAM hotfix Aleph One (May 02)
  - Re: Buffer Overflows: A Summary Lamont Granquist (May 03)
  - Solaris lpNet & temp files (exploit) Chris Sheldon (May 03)
    - Re: Solaris lpNet & temp files (exploit) Casper Dik (May 07)
  - A bug in Elm fflush (May 04)
    - Re: A bug in Elm Larry Schwimmer (May 04)
    - Hole in the KDE desktop Alan Cox (May 05)
    - A vulnerability in Lynx (all versions) fflush (May 05)
    - Re: A vulnerability in Lynx (all versions) Theo de Raadt (May 05)
    - SGI Security Advisory 19970101-02-PX - csetup Program SGI Security Coordinator (May 05)
- Re: Buffer Overflows: A Summary Thomas H. Ptacek (May 02)
  - Comments on NT user list exploit webroot (May 05)
  - Re: Buffer Overflows: A Summary Adam Shostack (May 05)
    - Re: Buffer Overflows: A Summary Eilon Gishri (May 06)
    - Administratrivia Aleph One (May 06)
  - SGI Security Advisory 19970501-01-A - Vulnerability in webdist.cgi SGI Security Coordinator (May 06)
    - Re: SGI Security Advisory 19970501-01-A - Vulnerability in Kari E. Hurtta (May 06)