Date: Wed, 28 Nov 2001 14:16:44 -0500 (EST) From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> To: "Andrew R. Reiter" <arr@FreeBSD.org> Cc: freebsd-security@FreeBSD.org Subject: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability (fwd) Message-ID: <200111281916.fASJGiu00666@khavrinen.lcs.mit.edu> In-Reply-To: <Pine.NEB.3.96L.1011128125641.42899A-100000@fledge.watson.org> References: <Pine.NEB.3.96L.1011128125641.42899A-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
<<On Wed, 28 Nov 2001 12:57:12 -0500 (EST), "Andrew R. Reiter" <arr@FreeBSD.org> quotes a bugtrraq advisory stating: > The attacker must ensure that a maliciously constructed malloc header > containing the target address and it's replacement value are in the > right location in the uninitialized part of the heap. The attacker > must also place shellcode in server process memory. ...which means that this vulnerability does not exist under FreeBSD, since PHK-malloc does not mingle its metadata with its heap. -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200111281916.fASJGiu00666>