Author: JT Smith
NetSecurity.org: “Previous versions of XEmacs had a problem with the
gnuserv application. Versions prior to 21.1.14 could
allow arbitrary code to be executed by overrunning the
magic cookie buffer, as well as accepting the prefix of
valid magic cookies (i.e. “12” is accepted if the cookie
is “12345678”).”
gnuserv application. Versions prior to 21.1.14 could
allow arbitrary code to be executed by overrunning the
magic cookie buffer, as well as accepting the prefix of
valid magic cookies (i.e. “12” is accepted if the cookie
is “12345678”).”
Category:
- Linux