MITKRB5-SA-2007-005: kadmind vulnerable to buffer overflow
mikef at ack.berkeley.edu
Wed Jun 27 16:44:32 EDT 2007
On Wed, 27 Jun 2007 at 13:33 (-0700), Russ Allbery wrote:
> There's a minor error in my patch in that I replaced:
> ((ret.code == 0) ? "success" : error_message(ret.code))
> with a simple
> inadvertently. The modification is in the previous message, but the
> quoting wasn't changed so it's a bit hard to see.
I see now. Because of line wrapping in my email, it was even harder for
me to see what Lee was correcting. Now I get it.
> This change makes no difference on Linux, since on Linux strerror(0)
> returns "Success" anyway. It may be significant on other platforms.
My KDC is on Solaris, so I'd like to be careful here.
Mike Friedman Information Services & Technology
mikef at ack.Berkeley.EDU 2484 Shattuck Avenue
1-510-642-1410 University of California at Berkeley
More information about the krbdev