Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 27 Jan 2015 16:00:36 -0800
From: Qualys Security Advisory <qsa@...lys.com>
To: endrazine <endrazine@...il.com>
Cc: oss-security@...ts.openwall.com
Subject: Re: GHOST gethostbyname() heap overflow in glibc
 (CVE-2015-0235)

On Tue, Jan 27, 2015 at 02:03:10PM -0800, endrazine wrote:
> There is an obvious stack overflow in Qualys' GHOST.c poc : the name buffer
> is 10 bytes long and 900+ bytes of data are copied to it. This is

???

-- 
QSA

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.