Date: Sun, 29 Oct 2000 01:38:30 +0200 (IST) From: Roman Shterenzon <roman@xpert.com> To: Jeremy Norris <ishmael27@home.com> Cc: ports@FreeBSD.ORG Subject: Re: Remote buffer overflow in gnomeicu 0.93 Message-ID: <Pine.LNX.4.10.10010290137230.25903-100000@jamus.xpert.com> In-Reply-To: <20001028161730.A86612@babylon.merseine.nu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 28 Oct 2000, Jeremy Norris wrote: > I would think this would be a problem with all icq clients, since icq opens up > a tcp port by default. Gnomeicu at least, however, lets you pick what port. > > Jeremy But, gnomeicu is the only one I've seen that crashes when sent too much data on that port. That's security breach. > On Sat, Oct 28, 2000 at 12:46:08AM +0200, Roman Shterenzon wrote: > > Hi, > > > > Yesterday, running sockstat I noticed that openicu listens on TCP port 4000. > > I was curious so I fed it with some zeroes from /dev/zero, and, it crashed > > like a charm. I'm suspecting buffer overflow which may allow an intruder > > to receive a shell on victim's machine. > > Looking at code advises that the port can be chosen from 4000-4100 range. > > I believe it needs to be checked and the port marked as FORBIDDEN meanwhile. > > Sorry if it's false alarm. > > > > --Roman Shterenzon, UNIX System Administrator and Consultant > > [ Xpert UNIX Systems Ltd., Herzlia, Israel. Tel: +972-9-9522361 ] > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-ports" in the body of the message > --Roman Shterenzon, UNIX System Administrator and Consultant [ Xpert UNIX Systems Ltd., Herzlia, Israel. Tel: +972-9-9522361 ] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.10.10010290137230.25903-100000>