The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SNI-20: Telnetd tgetent vulnerability (fwd)

To: security@debian.org
Subject: Re: SNI-20: Telnetd tgetent vulnerability (fwd)
From: John Goerzen <jgoerzen@southwind.net>
Date: Thu, 23 Oct 1997 08:04:50 -0500 (CDT)
Delivered-to: security@debian.org
Resent-cc: recipient list not shown: ;
Resent-date: 24 Oct 1997 00:47:37 -0000
Resent-from: debian-private@lists.debian.org
Resent-message-id: <"umZ-9.A.AY.pA_T0"@debian>
Resent-sender: debian-private-request@lists.debian.org

Are we vulnerable??

Also, have we fixed the lpd problems?

John

-- 
John Goerzen
Southwind Internet Access, Inc. Technical Support
Business e-mail: jgoerzen@southwind.net

Personal e-mail: jgoerzen@complete.org
Wichita State University e-mail: jgoerzen@cs.twsu.edu
Developer, Debian GNU/Linux    <http://www.debian.org>

---------- Forwarded message ----------
Date: Wed, 22 Oct 1997 16:10:49 -0500
From: Aleph One <aleph1@DFW.NET>
To: BUGTRAQ@NETSPACE.ORG
Subject: Re: SNI-20: Telnetd tgetent vulnerability

---------- Forwarded message ----------
Date: Wed, 22 Oct 1997 13:37:22 -0400 (EDT)
From: David Holland <dholland@eecs.harvard.edu>
To: linux-security@redhat.com
Subject: [linux-security] Re: SNI-20: Telnetd tgetent vulnerability

 > [mod: Executive summary: SNI found recent linux-distributions
 > not-vulnerable -- REW]

Well, it looks a little more complicated than that. If your telnetd is
linked against GNU termcap (as opposed to ncurses), it seems that
there *is* a vulnerability; it looks like GNU termcap doesn't check
for overflow of the initial name portion of the terminal type.

ncurses doesn't touch the buffer in question at all.

--
   - David A. Holland             |    VINO project home page:
     dholland@eecs.harvard.edu    | http://www.eecs.harvard.edu/vino

--
----------------------------------------------------------------------
Please refere to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------

To unsubscribe: mail -s unsubscribe test-list-request@redhat.com < /dev/null


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-private-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Prev by Date: Re: libc5 qt
Next by Date: Re: [linux-security] SNI-20: Telnetd tgetent vulnerability (fwd)
Previous by thread: Re: libc5 qt
Next by thread: trust and Debian developers
Index(es):
- Date
- Thread