On Wed, Jun 30, 1999 at 05:53:41AM -0400, Bill Fumerola wrote:
> > I should warn you though that there are some security issues with my
> > tcpdump-smb patches. It is possible for a malicious user to put
> > packets on the wire that will cause a buffer overflow in the SMB
> > parser in that code. That could lead to a root exploit.
> >
> > I just haven't got around to fixing it yet.
>
> Hmmm.. but a non-superuser never sees any of those malicious packets, and
> the program is not installed suid, so how would that happen?
I think the point is that when root is running tcpdump on host A, a bad
guy on host B can create a packet which makes tcpdump on A execute his
code (as root, since that's who's running it). This is not desirable.
--
Matthew Hunt <[EMAIL PROTECTED]> * Stay close to the Vorlon.
http://www.pobox.com/~mph/ *
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
