Bugtraq mailing list archives

Re: kon2

From: Chris Evans <chris () FERRET LMH OX AC UK>
Date: Fri, 4 Aug 2000 21:36:10 +0100

On Fri, 4 Aug 2000, Elias Levy wrote:

----- Forwarded message from Black Sphere <bsphere () usa net> -----

Info :

  Package : kon2-0.3.8
  Compromise : root


[...]


        else if (!strncmp ("CHARSET_REGISTRY", line, 16))


[...]

Old news. Same vulnerability is noted (along with others) in my Jun 19th
post.

There has, of course, been a slew of kon2 package updates recently. I
wonder if vendors/maintainers simply patched the single bugs in question,
or took active measures to hunt down others?

I'd love it to be demonstrated otherwise, but I bet these bugs did not
spur a proper audit, and more root compromises remain.

Cheers
Chris

Current thread:

kon2 Elias Levy (Aug 04)
- Re: kon2 Chris Evans (Aug 07)
- Re: kon2 Martin Schulze (Aug 07)