On Sun, Jul 04, 1999 at 03:19:38AM +0200, Michal Zalewski wrote: > Oh, haven't said, for clearance... I'm talking about terminfo support and > tgetent() function implemented in libncurses, which is buggy as well, > while ncurses allows '../' tricks. Do you have any more information about this problem? As far as I can remember, ncurses doesn't do much parsing with a terminfo file, so there's little harm that can be done here. Or do you have a demonstrable exploit? Olaf -- Olaf Kirch | --- o --- Nous sommes du soleil we love when we play [EMAIL PROTECTED] | / | \ sol.dhoop.naytheet.ah kin.ir.samse.qurax [EMAIL PROTECTED] +-------------------- Why Not?! ----------------------- UNIX, n.: Spanish manufacturer of fire extinguishers.
- [RHSA-1999:028-01] Buffer overflow in libtermcap tge... Bill Nottingham
- Re: [RHSA-1999:028-01] Buffer overflow in libte... Michal Zalewski
- Re: [RHSA-1999:028-01] Buffer overflow in l... Michal Zalewski
- Re: [RHSA-1999:028-01] Buffer overflow ... Tymm Twillman
- Re: [RHSA-1999:028-01] Buffer overf... Michal Zalewski
- Re: [RHSA-1999:028-01] Buffer overflow ... Olaf Kirch
- Re: [RHSA-1999:028-01] Buffer overflow in l... Martin Schulze
- Re: [RHSA-1999:028-01] Buffer overflow in l... Aaron Campbell
- Re: [RHSA-1999:028-01] Buffer overflow ... Alan Cox
- Re: [RHSA-1999:028-01] Buffer overf... Kurt Wall
- Re: [RHSA-1999:028-01] Buffer ... Carlo M. Arenas Belon
- libtermcap exploit fix ... smashcap... Hudin Lucian
- Re: [RHSA-1999:028-01] Buffer overf... Pavel Kankovsky
- Re: [RHSA-1999:028-01] Buffer overflow in l... Tymm Twillman
- Re: [RHSA-1999:028-01] Buffer overflow in libte... Olaf Kirch
- Re: [RHSA-1999:028-01] Buffer overflow in l... Martin Schulze