Date: Tue, 03 Mar 2015 10:06:30 +0000 From: Simon McVittie <smcv@...ian.org> To: oss-security@...ts.openwall.com Subject: Re: Re: Debian / xterm #779397 On 03/03/15 09:19, Thomas Dickey wrote: > | From: "Kurt Seifried" <kseifried@...hat.com> > | > | $ xterm -S/dev/pts/20 > | *** buffer overflow detected ***: /usr/bin/xterm terminated > | > | Did this get a CVE? I don't see a DSA for xterm. > > no - someone mentioned the problem in an email - nothing more was said There's some discussion on the Debian bug about whether this should be considered to be a security vulnerability, or just a bug. Not every buffer overflow is a vulnerability: it can only be a vulnerability if an attacker can trigger it. Is there any reason why it would be useful/sensible to pass untrusted (pseudo-terminal filename, fd) pairs to the -S option? It seems to me that if you're passing partially or entirely attacker-controlled filenames to this option, you have probably already lost. S
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ