> Actually I am pretty sure this one is not exploitable. For > sure you are able to corrupt memory here and overwriting EIP > but this will likely segfault in glob() one line after the > line you quoted. Thus removing the security tag and setting > the severity to minor.
OK. > However your bug report was really useful cause we realized > that the privilege dropping is totally broken in tss and it > is possible to read abitrary files via tss. Steve opened > another bug for this #475747. It was encountered while talking to the maintainer on #-mentors. Maybe other packages of the same maintainer should be reviewed, too. Helmut -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
