DragonFly commits List (threaded) for 2003-09
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
[
Date Index][
Thread Index]
cvs commit: src/crypto/openssh buffer.c
dillon 2003/09/16 09:59:41 PDT
Modified files:
crypto/openssh buffer.c
Log:
Additional comments: ssh may attempt to zero and free the buffer from
fatal(). The incorrect buffer size at the time fatal() is called will
cause it to zero an area larger then has actually been allocated. Since
meta-data is not inline with the allocation on FreeBSD (and hence DragonFly)
systems it is believed that the worst that can happen is a crash. On linux
systems, however, it may be possible to exploit the flaw to gain elevated
privs.
Revision Changes Path
1.3 +0 -0 src/crypto/openssh/buffer.c
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
[
Date Index][
Thread Index]
