Bug 75414
Summary: | talkd buffer overflow? | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | Pekka Savola <pekkas> |
Component: | talk | Assignee: | Phil Knirsch <pknirsch> |
Status: | CLOSED WONTFIX | QA Contact: | Jay Turner <jturner> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 8.0 | CC: | mitr, rvokal, srevivo |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
Fixed In Version: | | Doc Type: | Bug Fix |
Last Closed: | 2002-12-18 15:41:03 UTC | Type: | --- |
Description
Pekka Savola
2002-10-08 07:53:56 UTC
The maintainer responded back:

--8<--
It appears you may be right. I wonder how that slipped through.

However, the data in question comes from utmp. utmp is a trusted file. Lots and *lots* of things are vulnerable if utmp is corrupted. And this one (with a normal configuration) only gets you group tty, which is less useful for hacking than group utmp.

This is not to say it shouldn't be fixed, and it will be... thanks for the heads-up.
--8<--

If that analysis is correct this is not too grave a problem (who is using talkd anyway??!?!? ;-), and will be fixed in upstream.

Correct. :-) Closing bug because of analysis. :-)

Read ya, Phil