[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Groff] insecurity

From: Werner LEMBERG
Subject: Re: [Groff] insecurity
Date: Wed, 12 Apr 2000 23:11:01 +0000 (GMT)

> In Linux-Magazin 06/2000, there is an alarming article in the
> "Insecurity News" section called "man-Overflow", written by Mark
> Vogelsberger.

You probably mean 05/2000... I'll check the article.

> It lists a perl script to find buffer overflows and an exploit for
> them.  Moreover, it says that Pawel Wilk has shown that it's
> possible to write man-pages that can run arbitrary code under the
> actual uid, even root.

It would be nice to know which version of groff he has tested.

> The problems are said to arise from the many system() calls using
> user-defined values that are easy to be manipulated.

Where are `the many system() calls'?  By default, -msafer is used now
which deactivates .sy and friends...

> If necessary it should be possible to get both by mailing to
> <address@hidden>.

Will you please do that?  Maybe the author can contact the groff list


reply via email to

[Prev in Thread] Current Thread [Next in Thread]