VU#203203 - midnight_commander
Björn Eriksson
bjorn at bjornen.nu
Tue Jan 29 22:09:37 UTC 2002
On Tue, Jan 29, 2002 at 04:11:39PM -0500, CERT Coordination Center wrote:
> We have received report regarding a vulnerability in one of your
> products. We would appreciate greatly your help in reviewing this
> issue so that we can document it in our public database.
<...>
To bad they didn't provide a link; I couldn't find anything re.
'mcedit' or 'midnight commander' in their database nor anything re.
'VU#203203' or simply '203203'.
> The complete impact of this vulnerability is not yet known. Attackers
> can cause mcedit to end with a segmentation fault.
I seem to remember someone claimed his mcedit segfaulted on extremely
long lines. I further STR I showed him it was a simple ulimit-thing.
(But I can't find this in the archives...)
I didn't CC: cert on this mail. I figure someone else is in better
position to make formal contact.
--
//Björnen. bjorn at bjornen.nu | mdeans at algonet.se | bjorn at pobox.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
URL: <http://lists.midnight-commander.org/pipermail/mc-devel/attachments/20020129/764bae02/attachment.asc>
More information about the mc-devel
mailing list