Bugtraq mailing list archives
gpm-root initgroups()
From: egmont () FAZEKAS HU (Koblinger Egmont)
Date: Sun, 23 Apr 2000 21:31:20 +0200
Hello! As reported before, the "gpm-root" daemon in gpm-1.19.0 and earlier lets the user execute any command with uid=0. gpm-1.19.1 fixed half of the security hole by calling setuid() and setgid() at the right place but not calling initgruops(). gpm-1.19.2 is out there, which calls initgroups() correctly, fully fixing this security hole. Therefore anyone running gpm-root is highly recommended to upgrade to gpm-1.19.2 or apply its setuid(), setgid() and initgruops() releated patches. Best regards Egmont Koblinger
Current thread:
- CVS DoS, (continued)
- CVS DoS Michal Szymanski (Apr 23)
- Re: CVS DoS Kris Kennaway (Apr 24)
- Re: CVS DoS Kris Kennaway (Apr 24)
- finding Meeting Maker passwords using tcpdump mhpower () MIT EDU (Apr 24)
- ZoneAlarm Vulnerability Alfred Huger (Apr 25)
- Solaris Sparc 2.6 & 7 lp/lpset/lpstat root compromise exploit Laurent LEVIER (Apr 25)
- Re: Solaris Sparc 2.6 & 7 lp/lpset/lpstat root compromise exploit Casper Dik (Apr 26)
- Re: Solaris Sparc 2.6 & 7 lp/lpset/lpstat root compromise exploit Dimitri Avgoustakis (Apr 26)
- Re: Solaris Sparc 2.6 & 7 lp/lpset/lpstat root compromise exploit Theodor R. Gislason (Apr 26)
- SECURITY: UPDATED - RHSA-2000:014 New Piranha release available Cristian Gafton (Apr 26)
- CVS DoS Michal Szymanski (Apr 23)
- gpm-root initgroups() Koblinger Egmont (Apr 23)
- Postgresql cleartext password storage Robert van der Meulen (Apr 23)
- Re: Postgresql cleartext password storage Alexandru Popa (Apr 24)
- Re: ZoneAlarm Stephen M. Milton (Apr 24)