Bugtraq mailing list archives
Re: remote buffer overflow in sniffit
From: Edwin Groothuis <edwin () mavetju org>
Date: Tue, 22 Jan 2002 16:33:00 +1100
On Sat, Jan 19, 2002 at 06:57:03PM -0000, g_463 () hotmail com wrote:
Remote overflow in sniffit.0.3.7.beta tested on slackware 7.1 found/coded by g463 -18th january 2002-
For what it's worth, this problem is fixed with: PATCH_SITES= http://ftp.debian.org/debian/dists/stable/main/source/net/ PATCHFILES= sniffit_0.3.7.beta-6.1.diff.gz
From the change-log:
sniffit (0.3.7.beta-6.1) frozen unstable; urgency=high * Non maintainer upload. * [security] sn_logfile.c: Replaced sprintfs by snprintfs fixing a buffer overflow (bugtraq). * [security] sn_analyse.c: Limit length of TCP packets to the buffer size (buffer overflow with MTU > 5000). -- Torsten Landschoff <torsten () debian org> Fri, 26 May 2000 08:40:14 +0200 I assume Debian patches this, the FreeBSD port also applies these patches. Edwin -- Edwin Groothuis | Personal website: http://www.MavEtJu.org edwin () mavetju org | Interested in MUDs? Visit Fatal Dimensions: ------------------+ http://www.FatalDimensions.org/
Current thread:
- remote buffer overflow in sniffit g_463 (Jan 21)
- Re: remote buffer overflow in sniffit Edwin Groothuis (Jan 22)
- Re: remote buffer overflow in sniffit Brad (Jan 22)
- Re: remote buffer overflow in sniffit Edwin Groothuis (Jan 22)