|
Message-ID: <20150128000036.GB21997@localhost.localdomain> Date: Tue, 27 Jan 2015 16:00:36 -0800 From: Qualys Security Advisory <qsa@...lys.com> To: endrazine <endrazine@...il.com> Cc: oss-security@...ts.openwall.com Subject: Re: GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235) On Tue, Jan 27, 2015 at 02:03:10PM -0800, endrazine wrote: > There is an obvious stack overflow in Qualys' GHOST.c poc : the name buffer > is 10 bytes long and 900+ bytes of data are copied to it. This is ??? -- QSA
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.