This has been discovered before (or at least a similar vulnerability) by w00w00, but there wasn't anything useful (as far as elevating privileges go) that was using it at the time. So, unless you can name any suid/sgid programs using it that will allow the elevation of privileges for something meaningful, I think the severity is low. Matt
- freebsd libncurses overflow Przemyslaw Frasunek
- Re: freebsd libncurses overflow Bill Fumerola
- Re: freebsd libncurses overflow Theo de Raadt
- Re: freebsd libncurses overflow Kris Kennaway
- Re: freebsd libncurses overflow Kris Kennaway
- Re: freebsd libncurses overflow Przemyslaw Frasunek
- Matt Conover
