Ethereal-dev: Re: [ethereal-dev] Security race in ethereal leading to root access

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Joerg Mayer <jmayer@xxxxxxxxxxxxxxxxxxxxxx>
Date: Fri, 30 Jul 1999 19:29:23 +0200 (MET DST)
On Fri, 30 Jul 1999, Gilbert Ramirez wrote:

> On Fri, Jul 30, 1999 at 08:21:40AM -0500, Richard Sharpe wrote:
... 
> > I was talking with Andrew Tridgell last night about Ethereal, and he likes
> > it.  However, while we were looking at something we found what looks like
> > an exploitable race in Ethereal.
...
> It will be hard to pass pcap a file descriptor; the API only provides
> us the ability to send it a file name. Furthermor, pcap_t contains
> a FILE*, not a file descriptor.
...

As a solution, maybe we can provide "our own" version of libpcap with
ethereal, if copyright permits. This has the advantage of being able
to put the patches that we need (e.g. linux patches, security fixes,
atm additions etc.) into that version. Of course these patches should
be sent to the libpcap maintainers for inclusion but this would allow
us to include all we need and at the speed we want. When the rate of
change to the lowlevel interface has slowed down sufficiently and the
required changes are integrated into libpcap we should remove it from
the distribution again.

  Ciao
         Jörg

--
Joerg Mayer                                eMail: <jmayer@xxxxxxxxxxxxx>
Its reassuring to know that growing old AND boring is strictly optional!