The 'Security Digest' Archives (TM)

Archive: About | Browse | Search | Contributions | Feedback
Site: Help | Index | Search | Contact | Notices | Changes

ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #005 [Re: Yet more on the virus] (1 message, 780 bytes)
SOURCE: http://securitydigest.org/exec/display?f=phage/archive/005.txt&t=text/plain
NOTICE: securitydigest.org recognises the rights of all third-party works.

START OF DOCUMENT

From: Tim Becker <becker@cs.rochester.edu>
To: [not phage]
Date: Thu 19:37:02 03/11/1988 EST
Subject: Re: Yet more on the virus
References: [Thread Prev: 387] [Thread Next: 010] [Message Prev: 006] [Message Next: 007]

We found how the program was coming in via fingerd on a vaxen.  It was
overrunning the "gets(line)" - line buffer in a predictable (for the
virus writer) way.  The fix is to change the gets(line) to a fgets(line,
512, stdin);line[strlen(line)-1].

Of course it tries this on Sun's too -- it just causes fingerd to core
dump there.

Tim Becker.
becker@cs.rochester.edu

END OF DOCUMENT