[Division 7 Security Systems]-Multiple Vulnerabilities Found in Redhat 8.0 and FreeBSD 4.7-Stable

Hi,
I figured I would submit some of my findings to you all for posting on bugtraq.
The following programs have boundary checking issues, in command line argument overflows for each operating system specified. No known patches have been known at this point in time.  

Redhat 8.0  

Packages:
ifenslave
grpck
pwck  

FreeBSD 4.7-STABLE  

amd
diskpart
fsinfo
hlfsd
ntp-genkeys
ntpdate
ntptimeset
ntptrace
raycontrol
zic  

I have posted more information on our website, about the bugs, if you all would like to look at the issues.  

http://www.division7.us/bugtraq.php  

I'm not sure how critical these are, since none are suid by defualt, but a few of them, I wouldnt put past anyone to write up some evil code for...*grins*
Thanks.
pHrail
phrail@division7.us Received on Sun Nov 17 14:31:17 2002

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek