Bugtraq mailing list archives
Re: [HERT] Advisory #002 Buffer overflow in lsof
From: Don.Lewis () TSC TDK COM (Don Lewis)
Date: Thu, 18 Feb 1999 08:31:33 -0800
On Feb 18, 1:30am, "Anthony C . Zboralski" wrote: } Subject: [HERT] Advisory #002 Buffer overflow in lsof } When lsof is setuid-root or setgid kmem, it is vulnerable to a buffer } overflow that will lead to direct root compromise or root compromise } thru live kernel patching. If lsof is installed setgid kmem, it shouldn't gain any privileges to overwrite something to gain root access. At worst, it should only be possible to read things in kernel memory that ordinary users shouldn't have access to (I suppose this might include a password in a tty buffer if the cracker got really lucky). ... or are there systems that give group kmem write privileges? If so, I'd say that's a security hole.
Current thread:
- Re: [HERT] Advisory #002 Buffer overflow in lsof Don Lewis (Feb 18)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Vic Abell (Feb 18)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Mariusz Marcinkiewicz (Feb 18)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Robert Watson (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Lee Brotzman (Feb 22)
- NcFTPd remote buffer overflow Julien Nadeau (Feb 23)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Alan Cox (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Alex Shnitman (Feb 20)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Wichert Akkerman (Feb 21)
- Possible DOS attack in the .nu domain service Shane Wegner (Feb 20)
- Severe Security Hole in ARCserve NT agents (fwd) Weld Pond (Feb 21)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Robert Watson (Feb 19)