Subject: Re: *BSD banner INT overflow vulnerability (fwd)
To: None <tech-security@netbsd.org>
From: gabriel rosenkoetter <gr@eclipsed.net>
List: tech-security
Date: 11/27/2006 10:26:28
On Wed, Nov 22, 2006 at 10:15:04AM -0600, Jeremy C. Reed wrote:
> Forwarded mail from bugtraq below.
>
> In our case it is our second banner (/usr/games/banner).
>
> I just committed a fix to improve its check for valid -w width.
>
> By the way, I don't know of anyone making this setuid nor using this via
> some public gateway.

I was going to say: "Somehow, I'm not exactly ph34ring over a binary
we install with mode 0444..."

Even if used via a public gateway, surely the biggest concern is a
DoS?

--
gabriel rosenkoetter
gr@eclipsed.net