On Sun, Jul 04, 1999 at 03:19:38AM +0200, Michal Zalewski wrote:
> Oh, haven't said, for clearance... I'm talking about terminfo support and
> tgetent() function implemented in libncurses, which is buggy as well,
> while ncurses allows '../' tricks.
Do you have any more information about this problem? As far as I can remember,
ncurses doesn't do much parsing with a terminfo file, so there's little
harm that can be done here. Or do you have a demonstrable exploit?
Olaf
--
Olaf Kirch | --- o --- Nous sommes du soleil we love when we play
[EMAIL PROTECTED] | / | \ sol.dhoop.naytheet.ah kin.ir.samse.qurax
[EMAIL PROTECTED] +-------------------- Why Not?! -----------------------
UNIX, n.: Spanish manufacturer of fire extinguishers.
- [RHSA-1999:028-01] Buffer overflow in libtermcap tge... Bill Nottingham
- Re: [RHSA-1999:028-01] Buffer overflow in libte... Michal Zalewski
- Re: [RHSA-1999:028-01] Buffer overflow in l... Michal Zalewski
- Re: [RHSA-1999:028-01] Buffer overflow ... Tymm Twillman
- Re: [RHSA-1999:028-01] Buffer overf... Michal Zalewski
- Re: [RHSA-1999:028-01] Buffer overflow ... Olaf Kirch
- Re: [RHSA-1999:028-01] Buffer overflow in l... Martin Schulze
- Re: [RHSA-1999:028-01] Buffer overflow in l... Aaron Campbell
- Re: [RHSA-1999:028-01] Buffer overflow ... Alan Cox
- Re: [RHSA-1999:028-01] Buffer overf... Kurt Wall
- Re: [RHSA-1999:028-01] Buffer ... Carlo M. Arenas Belon
- libtermcap exploit fix ... smashcap... Hudin Lucian
- Re: [RHSA-1999:028-01] Buffer overf... Pavel Kankovsky
- Re: [RHSA-1999:028-01] Buffer overflow in l... Tymm Twillman
- Re: [RHSA-1999:028-01] Buffer overflow in libte... Olaf Kirch
- Re: [RHSA-1999:028-01] Buffer overflow in l... Martin Schulze
