Radu Filip wrote: >>However, if we overrun the buffer by only a few bytes, the vulnerable >>version (without check) does NOT crash. This way, we can tell 0.9.6e >>from previous, vulnerable versions: >> >> large overflow small overflow >> pre-0.9.6e crash no crash >> 0.9.6e crash crash >> 0.9.6g error error >>" >>Intr-un cuvint, poti sa dormi linistit. > > > Eu am 0.9.6b pe mashina aia. RPM de la RH. Cand rulez tool-ul imi zice: > ip_mashina 443 VULNERABLE: does not detect small overflow > Repet, e vorba de openssl-ul din acel cel mai recent advisory de la RH > care se refera la OpenSSL. > > Pe partea de server apare in errors_log (cand am rulat tool-ul): > [Wed Sep 18 14:04:05 2002] [notice] child pid 4105 exit signal > Segmentation fault (11) > > Radu > si dupa cum se zicea mai sus, poti sa dormi linistit. patchul e back-ported de 2 luni
--- Pentru dezabonare, trimiteti mail la [EMAIL PROTECTED] cu subiectul 'unsubscribe rlug'. REGULI, arhive si alte informatii: http://www.lug.ro/mlist/
