cygwin1.dll up to 1.5.22 overflow

Dave Korn dave.korn@artimi.com
Tue Nov 13 10:19:00 GMT 2007


On 12 November 2007 20:59, Daniel Fdez. Bleda wrote:

> Dave, Corinna,
> 
> Do you consider the advisory could be already published due to the
> collateral correction of the flaw in recent versions?

  You didn't answer all our questions yet, specifically which was the
vulnerable function.  I was hoping to get some feel for whether this could be
exploited remotely, e.g. by uploading a long file to an ftp server, and
whether it could be used to increase privilege, by triggering in a cygwin
service.

  The answers to those questions would determine my suggested response.  If
any of them were 'yes', I would suggest we delete the affected versions from
the sourceware repository and place an announcement on the cygwin.com front
page, co-ordinated with your advisory.  If not, I would suggest that it would
be appropriate to just release your advisory to the mailing list.

  However, Corinna is the responsible maintainer, so we should wait for her
input.

  BTW, it's not clear from your subject line: cygwin1.dll < 1.5.22, or
cygwin1.dll <= 1.5.22?  Which was the first fixed version?


    cheers,
      DaveK
-- 
Can't think of a witty .sigline today....


