[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] RaQ4-All-Security-1.0.1-8747.pkg

Subject: [cobalt-users] RaQ4-All-Security-1.0.1-8747.pkg
From: "Cedric Haindl" <c.haindl@xxxxxxxxx>
Date: Thu Jan 25 15:11:18 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

Any volunteers out there to test RaQ4-All-Security-1.0.1-8747.pkg out ? Not
for the weakhearted ;-).

It seems to be hot of the press, but honestly I do not understand what kind
of a problem it is supposed to solve.

Here's the official description:

There used to be an overflowable buffer in the part of the ncurses library
handling cursor movement. Attackers can force a privileged application to
use their own termcap file containing a special terminal entry which will
trigger the ncurses vulnerability, allowing them to execute arbitrary code
with the privileges of the exploited binary.

Regards
Cédric

-----------------------------------------------------------
Haindl Mediendesign GmbH | Untermueli 11 | 6300 Zug
Tel: +41-41-763 30 85 | Fax:+41-41-763 30 86
ISDN (Leonardo) +41-41-763 30 89 | Mobile: +41-79-630 41 19
Email: cedi@xxxxxxxxx | Internet: http://www.haindl.ch
-----------------------------------------------------------

Prev by Date: [cobalt-users] Domain Administrator Email Address ?
Next by Date: Re: [cobalt-users] Qube2 Crashes without obvious cause
Previous by thread: Re: [cobalt-users] Domain Administrator Email Address ?
Next by thread: [cobalt-users] how to set up new raq4 (answers)

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index