Date: Wed, 22 Nov 2006 13:57:16 -0800 From: Colin Percival <cperciva@freebsd.org> To: Maxim Konovalov <maxim@FreeBSD.org> Cc: cvs-src@FreeBSD.org, src-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/usr.bin/banner banner.c Message-ID: <4564C7BC.6080405@freebsd.org> In-Reply-To: <200611222105.kAML5I4L067230@repoman.freebsd.org> References: <200611222105.kAML5I4L067230@repoman.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Maxim Konovalov wrote: > Modified files: > usr.bin/banner banner.c > Log: > o Check that -w width is not above maximum. Use DWIDTH instead of > hardcoded constant. > > Reported by: Gruzicki Wlodek on BugTraq > Obtained from: NetBSD, OpenBSD > MFC after: 1 week Security: Possible privilege escalation, if you have a practice of going around and applying the suid bit randomly. Colin Percival
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4564C7BC.6080405>