oss-sec mailing list archives
Re: GNU ed heap overflow
From: Florian Weimer <fw () deneb enyo de>
Date: Thu, 04 Sep 2008 22:44:47 +0200
* Steven M. Christey:
On Mon, 1 Sep 2008, Florian Weimer wrote:Interesting. But this type of command execution is not possible with "red", which suffers from the same overflow.Does red share the same codebase as ed? Or is a separate CVE necessary?
lrwxrwxrwx 1 root root 7 2008-08-31 11:36 /usr/bin/red -> /bin/ed It's "restricted ed" in the sense of "restriced bash" etc.
Current thread:
- GNU ed heap overflow Florian Weimer (Aug 31)
- Re: GNU ed heap overflow Tavis Ormandy (Sep 01)
- Re: GNU ed heap overflow Florian Weimer (Sep 01)
- Re: GNU ed heap overflow Steven M. Christey (Sep 04)
- Re: GNU ed heap overflow Florian Weimer (Sep 04)
- Re: GNU ed heap overflow Florian Weimer (Sep 01)
- Re: GNU ed heap overflow Tavis Ormandy (Sep 01)
- Re: GNU ed heap overflow Steven M. Christey (Sep 04)