From owner-freebsd-ports  Sat Oct 28 16:38:41 2000
Delivered-To: freebsd-ports@freebsd.org
Received: from jamus.xpert.com (jamus.xpert.com [199.203.132.17])
	by hub.freebsd.org (Postfix) with ESMTP id 63D6F37B479
	for <ports@freebsd.org>; Sat, 28 Oct 2000 16:38:37 -0700 (PDT)
Received: from roman (helo=localhost)
	by jamus.xpert.com with local-esmtp (Exim 3.12 #5)
	id 13pfYU-0006mO-00; Sun, 29 Oct 2000 01:38:30 +0200
Date: Sun, 29 Oct 2000 01:38:30 +0200 (IST)
From: Roman Shterenzon <roman@xpert.com>
To: Jeremy Norris <ishmael27@home.com>
Cc: ports@FreeBSD.ORG
Subject: Re: Remote buffer overflow in gnomeicu 0.93
In-Reply-To: <20001028161730.A86612@babylon.merseine.nu>
Message-ID: <Pine.LNX.4.10.10010290137230.25903-100000@jamus.xpert.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-ports@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Sat, 28 Oct 2000, Jeremy Norris wrote:

> I would think this would be a problem with all icq clients, since icq opens up
> a tcp port by default. Gnomeicu at least, however, lets you pick what port.
> 
> Jeremy
But, gnomeicu is the only one I've seen that crashes when sent too much
data on that port.
That's security breach.

> On Sat, Oct 28, 2000 at 12:46:08AM +0200, Roman Shterenzon wrote:
> > Hi,
> > 
> > Yesterday, running sockstat I noticed that openicu listens on TCP port 4000.
> > I was curious so I fed it with some zeroes from /dev/zero, and, it crashed
> > like a charm. I'm suspecting buffer overflow which may allow an intruder
> > to receive a shell on victim's machine.
> > Looking at code advises that the port can be chosen from 4000-4100 range.
> > I believe it needs to be checked and the port marked as FORBIDDEN meanwhile.
> > Sorry if it's false alarm.
> > 
> > --Roman Shterenzon, UNIX System Administrator and Consultant
> > [ Xpert UNIX Systems Ltd., Herzlia, Israel. Tel: +972-9-9522361 ]
> > 
> > 
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-ports" in the body of the message
> 

--Roman Shterenzon, UNIX System Administrator and Consultant
[ Xpert UNIX Systems Ltd., Herzlia, Israel. Tel: +972-9-9522361 ]



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message