From: Oguz Kutlu Asik (oguz@k2net.com.tr)
Date: Wed 17 Jan 2001 - 16:42:15 EET
anti parantez
http://www.securityfocus.com/bid/2180
ReiserFS is a file system alternative to the Linux ext2 file system. It
was originally written by Hans Reiser, and is freely available and
publicly maintained.
A problem has been reported in the handling of long file names with
ReiserFS version 3.5.28 on SuSE Linux distribution 7.0. It is possible to
create a directory with a long file name (the initial example displayed a
directory with 768 characters), then attempt to list the file system using
system binary ls or with built in shell function echo and create a Denial
of Service. Upon attempting to list or echo the contents of the
filesystem, a kernel buffer overflow occurs, overwriting variables on the
stack including possibly the return address, as well as crashing the
system. It may be possible for a malicious user to execute arbitrary code,
deny service to legitimate users, and potentially break out of a chroot
environment. This vulnerability is yet unverified.
Love + respect
Oguz
Listeden cikmak icin:
unsub linux
mesajini listeci@bilkent.edu.tr adresine gonderiniz.
Lutfen Listeci icin MIME / HTML / Turkce Aksan kullanmayin.
Listeci arayuzu: http://listweb.bilkent.edu.tr/yardim/bilkent/linux.html
Liste arsivinin adresi: http://listweb.bilkent.edu.tr/