-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Babcia Padlina Ltd. Security Advisory (BP-9908:01)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Synopsis:
Babcia Padlina Ltd. has discovered many buffer overruns in running
with superuser priviliges parts of mars_nwe package.
Vulnerable versions:
Probably all versions of mars_nwe.
Description:
By creating carefully designed directories or bindery objects
it is possible to execute arbitrary code.
Sample code:
Sample code (won't work with NLS support enabled) in attachment.
Fix:
Patches for mars_nwe 0.99pl15 in attachment.
- ---
* Fido: 2:480/124 ** WWW: FreeBSD.lublin.pl/~venglin ** GSM: +48-601-383657 *
* Inet: [EMAIL PROTECTED] ** PGP: D48684904685DF43 EA93AFA13BE170BF *
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
Charset: noconv
iQA/AwUBN8p7tv6SPyHAYTvjEQI0ogCfdy9TeyHvuQj0UL4Vt79/Sj1o6nEAoJW/
kaJzxLBfV5pECo3/cqiMqbao
=DNGn
-----END PGP SIGNATURE-----
mars.c
mars.patch
