Re: ecartis / listar PoC

The thing is this is the least of their worries... and as you said the 
author IS working dilligently to fix the issues at hand. As for the 
patch ... knock your self  out heres the errant code.

[root@ghetto ecartis-1.0.0]# grep -n pathname"\[" src/core.c
80:char pathname[BIG_BUF];
[root@ghetto ecartis-1.0.0]# grep -n "sprintf(pathname" src/core.c
891:    sprintf(pathname, "%s", argv[0]);

-KF

John Madden wrote:

> On Wednesday 24 April 2002 08:56 pm, KF wrote:
>
> > Heres some code for this post a while back ...
> > http://online.securityfocus.com/archive/82/258763
> > This is NOT the same issue in the my_strings.c there are MULTIPLE issues
> > in ecartis still and the same goes for listar...
> > This issue is a strcpy from argv to a fixed buffer .... nothing special.
>
> Please see Ecartis' mailing list archives regarding these issues.  They're 
> aware of the problems and are working to resolve them.  
>
> How about, instead of just telling us about there being multiple issues 
> and posting an exploit, you post a patch to help fix the issues?
>
> Thanks,
>  John