From venglin@FREEBSD.LUBLIN.PL Fri Sep 3 13:59:27 1999 From: Przemyslaw Frasunek Resent-From: mea culpa To: BUGTRAQ@SECURITYFOCUS.COM Resent-To: jericho@attrition.org Date: Mon, 30 Aug 1999 14:31:46 +0200 Subject: Babcia Padlina Ltd. security advisory: mars_nwe buffer overf [The following text is in the "iso-8859-2" character set] [Your display is set for the "US-ASCII" character set] [Some characters may be displayed incorrectly] -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Babcia Padlina Ltd. Security Advisory (BP-9908:01) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Synopsis: Babcia Padlina Ltd. has discovered many buffer overruns in running with superuser priviliges parts of mars_nwe package. Vulnerable versions: Probably all versions of mars_nwe. Description: By creating carefully designed directories or bindery objects it is possible to execute arbitrary code. Sample code: Sample code (won't work with NLS support enabled) in attachment. Fix: Patches for mars_nwe 0.99pl15 in attachment. - --- * Fido: 2:480/124 ** WWW: FreeBSD.lublin.pl/~venglin ** GSM: +48-601-383657 * * Inet: venglin@FreeBSD.lublin.pl ** PGP: D48684904685DF43 EA93AFA13BE170BF * -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use Charset: noconv iQA/AwUBN8p7tv6SPyHAYTvjEQI0ogCfdy9TeyHvuQj0UL4Vt79/Sj1o6nEAoJW/ kaJzxLBfV5pECo3/cqiMqbao =DNGn -----END PGP SIGNATURE----- [Part 2, Application/OCTET-STREAM (Name: "mars.c") 2.5KB] [Unable to print this part] [Part 3, Application/OCTET-STREAM (Name: "mars.patch") 53KB] [Unable to print this part]