BugTraq
[STX] Multiple Security Vulnerabilities Jul 03 2003 05:39PM
ace static-x org


Multiple files vulnerable to a buffer overflow:

- gnuchess is an updated version of the GNU chess playing program. It has a simple alpha-numeric board display, an IBM PC compatible interface, or it can be compiled for use with the chesstool program on a SUN workstation or with the xboard program under X-windows.

- gnuan produces an analysis of a chess game. For each move it shows the move, the score and the principal variation selected by gnuchess.

- isdnrep reads the isdnlog log files, generates reports, does statistics, and other things. It can also generate HTML output for use with a web server.

By default the above are not suid.

Proof of concept code for the above can be found at:

http://www.static-x.org/hax.php?pwned=code
