[Home] [Credit Search] [Category Browser] [Staff Roll Call] The LINUX.COM Article Archive
Originally Published: Wednesday, 1 December 1999 Author: Quentin Cregan
Published to: news_enhance_security/Security News Page: 1/1 - [Printable]

Chess.Net in trouble?

A problem has been found in the FICS (free internet chess server code). "The problem involves unchecked user input to a fixed length string. Non-denial of services exploitation of the questionable code looks possible but not trivial, as there is not room in the buffer for shell code, but putting it elsewhere is certainly a possibility. I have written a patch that resolves the problem, in some fashion."



Originally published on Linux.com. Released under the Open Content License unless otherwise stated. Notify Gareth Watts of any errors or copyright violations.