Re: [Re: xmonisdn (isdn4k-utils/Linux) bug report]

[btellier () USA NET (Brock Tellier)]

Jan-Hendrik Terstegge <sysadmin () TATOOINE PING DE> wrote:
On Tue, 19 Oct 1999 Ron wrote:
> > While playing with xmonisdn (included in the isdn4k-utils package),
> > I discovered a little bug. I didn't find anything regarding xmonisdn
> > in the Bugtraq archives, so here's a quick post.
> > I'm wondering if other xmonisdn users can reproduce this exploit.
> > (Tested on my workstation, which is running Red Hat Linux 6.0)
> > [... exploit ...]

> I tried the exploit on my workstations, running SuSE Linux 6.1 and 6.2 >but
it
> seems as if it was an only RedHat Linux exploit.
> This was my try to exploit myself. When I make the 'killall -8 xmonisdn' >my
> xmonisdn dies only with an Floating exception but it doesn't dump a core.

--

Good, it shouldn't. If you look at the original post, this person executed
those commands as root, which, on his system, allowed him to make the suid
xmonisdn dump core.  xmonisdn won't dump core unless you are running it as
root.  This isn't a security hole unless it were to dump core in a world
readable mode.  

Brock Tellier
UNIX Systems Administrator
btellier () usa net

____________________________________________________________________
Get free email and a permanent address at http://www.netaddress.com/?N=1