This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/db-wg@ripe.net/
Whoisd buffer overrun
- Previous message (by thread): Top 100 Maintainers List 20000203
- Next message (by thread): Whoisd buffer overrun
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
RIPE Database Administration
ripe-dbm at ripe.net
Thu Feb 3 14:09:10 CET 2000
Dear colleagues, It was brought to our attention last night that the perl whoisd server the RIPE NCC is currently running is vulnerable to a buffer overflow attack. We have taken action immediately and fixed this problem on our production servers. We have also checked for traces of people taking advantage of the vulnerability and concluded that this was not the case. The whois service was not affected. Should you be running a copy of our software, please apply the patch attached below to bin/whoisd. It truncates the query to 255 characters. If you have any questions or comments, please contact <ripe-dbm at ripe.net>. We would like to thank Geert Jan de Groot and Steve Bellovin for bringing this to our attention. Kind Regards, Mirjam Kuehne Head External Services RIPE NCC -------------------- 1. save the following text as /tmp/whoisdpatch ----------cut here------------------------------ *** whoisd.trunc Wed Feb 2 22:28:34 2000 --- whoisd Wed Feb 2 22:29:46 2000 *************** *** 1679,1694 **** $query=join(" ", @ARGV); } else { - my($trunclen); - alarm $KEEPOPEN if (!$commandline); $query=<$input>; - - # truncate to 255 chars - $trunclen = length($query); - $trunclen = 255 if $trunclen > 255; - substr( $query, $trunclen ) = ""; - } # &dpr("query: -$query- errorcode: -$!-\n"); --- 1679,1686 ---- ----------cut here-------------------------------- 2. execute in the directory where your whoisd lives: $ patch < /tmp/whoisdpatch
- Previous message (by thread): Top 100 Maintainers List 20000203
- Next message (by thread): Whoisd buffer overrun
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]