]>
Commit | Line | Data |
---|---|---|
041912e5 JB |
1 | Fix for S-Quadra Advisory #2003-11-26 |
2 | (http://www.s-quadra.com/advisories/Adv-20031126.txt) | |
3 | taken from freeradius CVS - change with comment: | |
4 | ||
5 | RADIUS attributes can be up to ~256 bytes long. | |
6 | This is the pam_smb vulnerability from a while ago... | |
7 | ||
8 | --- freeradius-0.9.3/src/modules/rlm_smb/smblib.c.orig 2002-08-06 18:50:33.000000000 +0200 | |
9 | +++ freeradius-0.9.3/src/modules/rlm_smb/smblib.c 2003-11-28 20:38:18.699957008 +0100 | |
10 | @@ -316,7 +316,7 @@ | |
11 | ||
12 | { struct RFCNB_Pkt *pkt; | |
13 | int param_len, i, pkt_len, pass_len,a; | |
14 | - char *p, pword[128]; | |
15 | + char *p, pword[256]; | |
16 | ||
17 | /* First we need a packet etc ... but we need to know what protocol has */ | |
18 | /* been negotiated to figure out if we can do it and what SMB format to */ |