Bugtraq mailing list archives
Re: Linux GNOME exploit
From: azz () GNU ORG (Adam Sampson)
Date: Tue, 28 Sep 1999 21:44:52 +0100
On Mon, Sep 27, 1999 at 02:25:02PM -0400, Elliot Lee wrote:
> Virtually any program using the GNOME libraries is vulnerable to a buffer overflow attack. The attack comes in the form:
> /path/to/gnome/prog --enable-sound --espeaker=$80bytebuffer

> (b) I tried specifying a very long argument to --espeaker, and achieved no success in making anything segfault etc. (esound 0.2.14).
On my box:

[[azz@cartman ~]$ panel --version
Gnome panel 1.0.6
[[azz@cartman ~]$ panel --enable-sound --espeaker=11111111111111111111111111\
111111111111111111111111111111111111111111111111111111111111111111111
Can't resolve host name "1111111111111111111111111111111111111111111111111111111111111111111111111111
1111111111111111111"!
Segmentation fault

I'm using esound 0.2.8. This is probably more a libesd issue than a GNOME issue...

But X programs, as said before, should under no conditions be suid. In fact, nothing longer than 100 lines would be suid if I had anything to do with it. :)

--
Adam Sampson
azz () gnu org
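An added illustration, not part of the original message and not libesd code: one way a speaker argument can be length-checked before its host part is copied into a fixed buffer, rejecting over-long input instead of truncating it. The name `parse_speaker`, the `host[:port]` form and the 80-byte size (taken from the "$80bytebuffer" wording in the quoted report) are assumptions.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define HOST_BUF 80 /* assumed size, from "$80bytebuffer" in the quoted report */

/* Hypothetical helper (not libesd code): split "host[:port]" into a fixed
 * buffer. Returns 0 on success, -1 on an empty/over-long host or a bad port. */
int parse_speaker(const char *spec, char host[HOST_BUF], int *port)
{
    const char *colon = strchr(spec, ':');
    size_t hlen = colon ? (size_t)(colon - spec) : strlen(spec);

    if (hlen == 0 || hlen >= HOST_BUF) /* keep room for the NUL; reject, never truncate */
        return -1;
    memcpy(host, spec, hlen);
    host[hlen] = '\0';
    *port = -1; /* -1 means no port was given */
    if (colon) {
        char *end;
        long p;
        if (!isdigit((unsigned char)colon[1]))
            return -1;
        p = strtol(colon + 1, &end, 10);
        if (*end != '\0' || p < 1 || p > 65535)
            return -1;
        *port = (int)p;
    }
    return 0;
}

/* Constructed input: n copies of '1', like the argument in the session above. */
int try_repeated(size_t n)
{
    char host[HOST_BUF], arg[256];
    int port;
    if (n >= sizeof arg)
        return -1;
    memset(arg, '1', n);
    arg[n] = '\0';
    return parse_speaker(arg, host, &port);
}

int main(void)
{
    printf("79 chars: %d, 95 chars: %d\n", try_repeated(79), try_repeated(95));
    return 0;
}
```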