Vulners
Lucene search
slackdb.txt
`Date: Thu, 16 Jul 1998 09:22:40 +0200
From: Martin Bene <[email protected]>
Subject: Berkley DB problem in slackware distribution
Hi!
I recently ran into a potential problem with berkley db 1.85 as distributed
with all versions of slackware linux: (fixed in slackware 3.5 as of 07.14.98)
libdb.so.1.85.4 defines snprintf and vsnprintf as calls to normal sprintf
and vsprintf.
Meaning: if you link any program against this lib and aren't careful about
library linking order, you'll overload the working procedures from libc
with the dummy-definitions from libdb and thus end up with broken (v)snprintf.
Your programs will be vulnerable to buffer overflows even though correctly
coded to avoid it. (I ran into this wile experimenting with a qpopper patch
to directly write sucessfull pop3 logins to a database for use with
sendmail pop_auth hack).
Bye, Martin
--------------------------------------------------
Martin Bene vox: +43-664-3251047
simon media fax: +43-316-813824-6
Andreas-Hofer-Platz 9 e-mail: [email protected]
8010 Graz, Austria
--------------------------------------------------
finger [email protected] for PGP public key
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
17 Aug 1999 00:00Current