Re: Fw.: From

>     Virtually any program using the GNOME libraries is vulnerable to a
> buffer overflow attack.  The attack comes in the form:
> /path/to/gnome/prog --enable-sound --espeaker=$80bytebuffer

This was:

     1. a bug in the old esound libraries, does not affect 1.0.40
     2. It was only found in Mandrake, as they shipped a setuid gnome
        app.  Which is a no=no


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]