Return-Path: owner-bugtraq-jp@SECURITYFOCUS.COM
References: <3914CB13276.23FASHADOWPENGUIN@mail.logicaleffect.com>
User-Agent: Wanderlust/1.1.0 (Overjoyed) SEMI/1.13.7 (Awazu) FLIM/1.13.2
            (Kasanui) MULE XEmacs/21.1 (patch 9) (Canyonlands) (i386--freebsd)
MIME-Version: 1.0 (generated by SEMI 1.13.7 - "Awazu")
Content-Type: text/plain; charset=ISO-2022-JP
Message-ID:  <86snvtsf48.wl@waterblue.imgsrc.co.jp>
Date:         Mon, 8 May 2000 15:57:59 +0900
Reply-To: Jun Kuriyama <kuriyama@IMGSRC.CO.JP>
Sender: BUGTRAQ-JP List <BUGTRAQ-JP@SECURITYFOCUS.COM>
From: Jun Kuriyama <kuriyama@IMGSRC.CO.JP>
Subject:      Re: [SPSadvisory#36]Linux /usr/bin/kon buffer overflow
X-To:         BUGTRAQ-JP@SECURITYFOCUS.COM
To: BUGTRAQ-JP@SECURITYFOCUS.COM
In-Reply-To:  In your message of "Sun, 7 May 2000 10:46:59 +0900" 
              <3914CB13276.23FASHADOWPENGUIN@mail.logicaleffect.com>

At Sun, 7 May 2000 10:46:59 +0900,
UNYUN <shadowpenguin@BACKSECTION.NET> wrote:
> Linux /usr/bin/kon のバッファオーバーフローについてご報告致します。

　FreeBSD の ports の方には、以下のパッチを加えておきました。


--- src/mouse.c~	Mon Jan 27 20:40:27 1997
+++ src/mouse.c	Mon May  8 15:39:35 2000
@@ -176,7 +176,7 @@

 	mouseType = MOUSE_NONE;
 	mInfo.has_mouse = FALSE;
-	sscanf(config, "%s", name);
+	strncpy(name, config, MAX_COLS);
 	for (p = mice; p->name != NULL; p++) {
 		if (strcasecmp(name, p->name) == 0) {
 			mouseType = p->type;


--
Jun Kuriyama <kuriyama@imgsrc.co.jp> // IMG SRC, Inc.
             <kuriyama@FreeBSD.org> // FreeBSD Project