Bugtraq mailing list archives
Re: xsoldier update for Linux Mandrake
From: btellier () USA NET (Brock Tellier)
Date: Thu, 18 May 2000 15:32:44 CDT
This -display bug seems to have resurfaced again from the exploit I wrote and posted to bugtraq for FreeBSD 3.3's xsoldier in late 1999. More discussion, patches, etc. can be found at http://www.securityfocus.com/vdb/bottom.html?vid=871 -Brock "Cashdollar, Larry" <lwc () VAPID DHS ORG> wrote:
Great little shoot 'em up game in the style of galaga. Very neat graphics, but there's no sound support yet.I actually wrote an exploit for this and posted it on VUL-DEV. The exploit would get egid 12 (games) if I had bothered to put a setregid() call in the shellcode. My attempts had failed. It will however get euid 0 from a default source installation that placed xsoldier in /usr/local/games as setuid root. I didnt think it was interesting enough to post on bugtraq, but since this came up here is a link to the exploit if anyone wants to toy with it. http://vapid.dhs.org/xsol-x.c -- Larry
____________________________________________________________________ Get free email and a permanent address at http://www.netaddress.com/?N=1
Current thread:
- xsoldier update for Linux Mandrake THE INFAMOUS (May 17)
- Re: xsoldier update for Linux Mandrake Cashdollar, Larry (May 18)
- <Possible follow-ups>
- Re: xsoldier update for Linux Mandrake Brock Tellier (May 18)