Bugtraq mailing list archives
Re: Linux GNOME exploit
From: chmouel () MANDRAKESOFT COM (Chmouel Boudjnah)
Date: Tue, 28 Sep 1999 06:47:45 +0200
Brock Tellier <btellier () WEBLEY COM> writes:
Virtually any program using the GNOME libraries is vulnerable to a buffer overflow attack. The attack comes in the form: /path/to/gnome/prog --enable-sound --espeaker=$80bytebuffer The following exploit should work against any GNOME program, though I tried it on (the irony) /usr/games/nethack, which is SGID root by default on RH6.0. An attack on any program will look something like this: [> [xnec@redhack gnox]$ uname -a; cat /etc/redhat-release; id Linux redhack 2.2.9-19mdk #1 Wed May 19 19:53:00 GMT 1999 i686 unknown Linux Mandrake release 6.0 (Venus)
Humm it's not a RedHat bugs but a Mandrake one. The fixed package is available from our updates mirror, see : http://www.linux-mandrake.com/en/fupdates.php3 or launch MandrakeUpdate. Nota the security is only with 6.0 version, since 6.1 the package was removed. We advice to remove completely the package from your system if you are maniac of security (and who aren't ?). -- MandrakeSoft http://www.mandrakesoft.com/ --Chmouel
Current thread:
- Linux GNOME exploit Brock Tellier (Sep 23)
- Re: Linux GNOME exploit Alan Cox (Sep 27)
- Re: Linux GNOME exploit Brock Tellier (Sep 27)
- Re: Linux GNOME exploit Matt Wilson (Sep 27)
- Re: Linux GNOME exploit Ron DuFresne (Sep 29)
- Re: Linux GNOME exploit Slackware Security Team (Sep 29)
- Multiple Vendor ARCAD permission problems Brock Tellier (Sep 29)
- Re: Linux GNOME exploit Chmouel Boudjnah (Sep 27)
- <Possible follow-ups>
- Re: Linux GNOME exploit Elliot Lee (Sep 27)
- Re: Linux GNOME exploit Adam Sampson (Sep 28)
- Re: Linux GNOME exploit Thomas Biege (Sep 28)