Bugtraq mailing list archives

Re: Overflows in minicom


From: 11108496 () LIS ULUSIADA PT (Tiago F P Rodrigues)
Date: Mon, 11 May 1998 12:32:02 +0200


On Sun, 10 May 1998, William Burrow wrote:

On Sat, May 09, 1998 at 09:48:55PM +0200, Tiago F P Rodrigues wrote:
 It seems minicom (distributed with slak3.4) has some overflow
vulnerabilities, namely in the '-p' switch and when you pick a config
file on the arguments. (a strcpy and a sprintf)
...
 If this is new, I may post an exploit if prompted to.

What kind of exploit will you be able to get?  Minicom is setgid uucp on
my system, the worst you can do is upset UUCP operations, which don't happen
here anyway, or possibly change the permissions on the dev file.  System
is Slack 3.2.


 True enough, minicom is only sgid uucp in the latest RedHat & Slackware
releases, though keep in mind if you rebuild minicom from source it will
install it setuid root by default.
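
The thread attributes the overflows to a strcpy and a sprintf applied to the '-p' argument and the config file name. The following is an added example, not part of the original post and not minicom's source: bounded handling of those two kinds of argument in C. The function names, buffer sizes and the `minirc.<name>` path layout are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helpers: names, sizes and path layout are assumptions,
 * not taken from minicom. */

/* Bounded stand-in for strcpy(dst, arg): returns 0 on success, -1 if
 * arg is missing or would not fit (including its NUL). dst is left
 * untouched on failure, so nothing is silently truncated. */
int copy_port_arg(char *dst, size_t dstsz, const char *arg)
{
    size_t n;

    if (dst == NULL || dstsz == 0 || arg == NULL)
        return -1;
    n = strlen(arg);
    if (n >= dstsz)
        return -1;
    memcpy(dst, arg, n + 1);
    return 0;
}

/* Bounded stand-in for sprintf(dst, "%s/minirc.%s", dir, name):
 * snprintf reports the length it needed, so truncation is detected
 * and treated as an error; dst is emptied in that case. */
int build_config_path(char *dst, size_t dstsz, const char *dir, const char *name)
{
    int n;

    if (dst == NULL || dstsz == 0 || dir == NULL || name == NULL)
        return -1;
    n = snprintf(dst, dstsz, "%s/minirc.%s", dir, name);
    if (n < 0 || (size_t)n >= dstsz) {
        dst[0] = '\0';
        return -1;
    }
    return 0;
}

int main(void)
{
    char port[16], path[64];
    /* Constructed inputs: one ordinary value, one longer than the buffer. */
    const char *longarg = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";

    printf("%d\n", copy_port_arg(port, sizeof port, "/dev/ttyS1"));
    printf("%d\n", copy_port_arg(port, sizeof port, longarg));
    printf("%d\n", build_config_path(path, sizeof path, "/etc", "dfl"));
    printf("%d\n", build_config_path(path, sizeof path, "/etc", longarg));
    return 0;
}
```

Rejecting an over-long argument outright, rather than truncating it, matters in a setgid or setuid binary because a silently shortened device or file name could refer to a different object than the one the caller asked for.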


