On Wed, Jun 30, 1999 at 05:53:41AM -0400, Bill Fumerola wrote: > > I should warn you though that there are some security issues with my > > tcpdump-smb patches. It is possible for a malicious user to put > > packets on the wire that will cause a buffer overflow in the SMB > > parser in that code. That could lead to a root exploit. > > > > I just haven't got around to fixing it yet. > > Hmmm.. but a non-superuser never sees any of those malicious packets, and > the program is not installed suid, so how would that happen?
I think the point is that when root is running tcpdump on host A, a bad guy on host B can create a packet which makes tcpdump on A execute his code (as root, since that's who's running it). This is not desirable. -- Matthew Hunt <[email protected]> * Stay close to the Vorlon. http://www.pobox.com/~mph/ * To Unsubscribe: send mail to [email protected] with "unsubscribe freebsd-hackers" in the body of the message
