Aapo Rantalainen <[email protected]> writes: > (and let me know, if you find something)
I think I found a vulnerability that results in local execution of code as root if local user is allowed to write to the directory that serves the web pages. page_from_file checks the file size first, then allocates a buffer and starts copying data. If the size of the file changes between these steps aa-http will overflow the buffer. _______________________________________________ Openmoko community mailing list [email protected] http://lists.openmoko.org/mailman/listinfo/community
