On Mon, Nov 01, 2004 at 11:02:21AM +0000, Steve Kemp wrote:
> On Fri, Oct 29, 2004 at 10:12:33PM +0200, Frank Lichtenheld wrote:
>
> > Perhaps someone with a little more experience in identifying security
> > problems should take a look, too. I CC'ed debian-security.
>
> Here's a quick summary:
>
> To be clear there are three flaws being discussed in xsok:
>
>   CAN-2004-0074 - overflow with LANG environmental variable.
>                 - overflow due to long '-xsokdir' parameter.
>
>   CAN-2003-0949 - Failure to drop privileges when unzipping.
>
> The second one was discovered by me and closed in DSA-405-1
>
> The first one is in two parts, the environmental variable
> overflow is patched already by the package maintainer. The
> second appears to be not an issue given this code:
[...]
> Run the following command to test if it's vulnerable:
>
>   xsok -xsokdir `perl -e 'print "X"x3000'`

Seems not to be vulnerable:

[EMAIL PROTECTED]:/usr/src$ xsok -xsokdir `perl -e 'print "X"x3000'`
directory too long

I will close the bug and I will ask Joey to add CAN-2004-0074 to the
non-vulns list.

Regards,
-- 
Frank Lichtenheld <[EMAIL PROTECTED]>
www: http://www.djpig.de/
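Added example, not part of the original messages and not xsok's code: a sketch of the kind of length validation that makes the 3000-character test above end in "directory too long", applied to both inputs named under CAN-2004-0074. The buffer size, function names, path layout and file name are assumptions for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define DIR_MAX 100   /* assumed buffer size, not xsok's real value */

/* Hypothetical helper: copy a user-supplied directory (a -xsokdir style
 * argument) into a fixed buffer. Oversize input is rejected rather than
 * truncated or copied past the end. Returns 0 on success, -1 if too long. */
static int set_dir(char dst[DIR_MAX], const char *arg)
{
    size_t n = strlen(arg);
    if (n >= DIR_MAX)              /* keep room for the terminating NUL */
        return -1;
    memcpy(dst, arg, n + 1);
    return 0;
}

/* Hypothetical helper: build "<dir>/<name>.<lang>", where lang comes from
 * the environment. snprintf returns the length it wanted to write, so a
 * result >= outsz means the path did not fit and must not be used. */
static int build_path(char *out, size_t outsz, const char *dir,
                      const char *name, const char *lang)
{
    int n = snprintf(out, outsz, "%s/%s.%s", dir, name, lang);
    if (n < 0 || (size_t)n >= outsz) {
        if (outsz > 0)
            out[0] = '\0';
        return -1;
    }
    return 0;
}

int main(int argc, char **argv)
{
    char dir[DIR_MAX] = ".", path[DIR_MAX + 32];
    const char *lang = getenv("LANG");

    if (argc == 3 && strcmp(argv[1], "-xsokdir") == 0 &&
        set_dir(dir, argv[2]) != 0) {
        fprintf(stderr, "directory too long\n");
        return 1;
    }
    if (build_path(path, sizeof path, dir, "help", lang ? lang : "C") != 0) {
        fprintf(stderr, "path too long\n");
        return 1;
    }
    puts(path);
    return 0;
}
```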

