bin/80661: [patch] [SECURITY] Missing NULL termination after
strncpy() in rlogin(1)
Simon L. Nielsen
simon at FreeBSD.org
Sun May 29 08:45:31 PDT 2005
Synopsis: [patch] [SECURITY] Missing NULL termination after strncpy() in rlogin(1)
State-Changed-When: Sun May 29 15:33:56 GMT 2005
We (the Security Team) can't find anywhere in the code-path where this
bug where this could lead to a situation that could be exploited as a
security vulnerability. You could crash rlogin, but not in a way
which would cause it to execute arbitrary cod as root. Have you found
any explicit place this bug could be exploited?
In any case, I have committed the patch to RELENG_4 since not NUL
terminating the buffer is certainly a bug, even it's not a security
Thanks for the report. I'm keeping the PR open in feedback state for
now, since I would like to hear comments from Przemyslaw Frasunek
before totally closing this issue.
Responsible-Changed-When: Sun May 29 15:33:56 GMT 2005
I will handle followups.
More information about the freebsd-bugs