Bugtraq mailing list archives

Re: xsoldier update for Linux Mandrake

From: btellier () USA NET (Brock Tellier)
Date: Thu, 18 May 2000 15:32:44 CDT


This -display bug seems to have resurfaced again from the exploit I wrote and
posted to bugtraq for FreeBSD 3.3's xsoldier in late 1999.  More discussion,
patches, etc. can be found at
http://www.securityfocus.com/vdb/bottom.html?vid=871

-Brock

"Cashdollar, Larry" <lwc () VAPID DHS ORG> wrote:

Great little shoot 'em up game in the style of galaga. Very neat
graphics, but there's no sound support yet.


I actually wrote an exploit for this and posted it on VUL-DEV.  The
exploit would get egid 12 (games) if I had bothered to put a setregid()
call in the shellcode.  My attempts had failed.  It will however get euid
0 from a default source installation that placed xsoldier in
/usr/local/games as setuid root.

I didnt think it was interesting enough to post on bugtraq, but since this
came up here is a link to the exploit if anyone wants to toy with it.

http://vapid.dhs.org/xsol-x.c


-- Larry


____________________________________________________________________
Get free email and a permanent address at http://www.netaddress.com/?N=1

Current thread:

xsoldier update for Linux Mandrake THE INFAMOUS (May 17)
- Re: xsoldier update for Linux Mandrake Cashdollar, Larry (May 18)
- <Possible follow-ups>
- Re: xsoldier update for Linux Mandrake Brock Tellier (May 18)