Bugtraq mailing list archives
Re: [HERT] Advisory #002 Buffer overflow in lsof
From: many () ENSI NET (Mariusz Marcinkiewicz)
Date: Fri, 19 Feb 1999 02:03:54 +0100
On Thu, 18 Feb 1999, Don Lewis wrote:
... or are there systems that give group kmem write privileges? If so, I'd say that's a security hole.
Yes, you are right... but... I saw that hole after installing new linux and checked its security. First I was surprised but not for a long time. In a few mins I noticed all linux versions are chown .kmem; chmod g+s lsof... on linux /dev/kmem is +w for gid kmem, on bsd too (probably, I didn't check that), so... all of std. distributions are vuln. without ONE! the slackware, IMHO, it's the most secure distribution [ :))) i know: slackware doesn't have lsof;))) but by that way that distr. is secure ;P ]
Cheers
--
Mariusz Marcinkiewicz [Security Specialist] [many () ensi net]
European Network Security Institute [http://www.ensi.net]
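A defensive check for the configuration discussed in this message, as an added example that is not part of the original post: it reads `ls -ln` output and reports any gid that owns both a group-writable character device and a setgid program, which is the combination that turns a bug in a setgid kmem tool into write access to kernel memory. The gid values, sizes and paths in the sample listing are constructed, and the function name `kmem_exposure` is hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post). Reads `ls -ln` output on stdin
# and flags every gid that owns BOTH a group-writable character device and a
# setgid program. Assumes paths without spaces. Exit status 1 means exposed.
kmem_exposure() {
    awk '
    {
        mode = $1; gid = $4; path = $NF
        type = substr(mode, 1, 1)
        gw = substr(mode, 6, 1)   # group write position
        gx = substr(mode, 7, 1)   # group execute position; s or S = setgid bit set
        if (type == "c" && gw == "w")
            dev[gid] = dev[gid] " " path
        if (type == "-" && (gx == "s" || gx == "S"))
            sgid[gid] = sgid[gid] " " path
    }
    END {
        rc = 0
        for (g in sgid)
            if (g in dev) {
                printf "EXPOSED gid=%s devices:%s setgid:%s\n", g, dev[g], sgid[g]
                rc = 1
            }
        exit rc
    }'
}

# Constructed sample listing: gid 9 stands in for kmem, gid 5 for an
# unrelated group that owns no writable device.
sample_listing() {
    cat <<'EOF'
crw-rw---- 1 0 9 1, 2 Feb 18 1999 /dev/kmem
-rwxr-sr-x 1 0 9 90112 Feb 18 1999 /usr/sbin/lsof
-rwxr-sr-x 1 0 5 30000 Feb 18 1999 /usr/bin/write
EOF
}

sample_listing | kmem_exposure || true
```

On a live system, pipe `ls -ln` of the memory devices and the setgid binaries under review into `kmem_exposure`; removing group write from the device or the setgid bit from the tool clears the finding.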