Bugtraq mailing list archives

Re: local root on linux 2.2.15

From: mouse () RODENTS MONTREAL QC CA (der Mouse)
Date: Thu, 15 Jun 2000 01:23:53 -0400


Does anyone else find this as ironic as I do?  Note the lack of
checking before using the pointers returned by malloc.

Always check the return value of system calls.  Always.  Always.
Always.

  header = malloc(8);
  data = malloc(12);
  header->pid = 0;
  header->version = _LINUX_CAPABILITY_VERSION;
  data->inheritable = data->effective = data->permitted = 0;


(And quite aside from that, who sez sizeof(*header) is 8, or
sizeof(*data) is 12?)

                                        der Mouse

                               mouse () rodents montreal qc ca
                     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

Current thread:

XFree86: Various nasty libX11 holes, (continued)
- - - XFree86: Various nasty libX11 holes Chris Evans (Jun 19)
    - XFree86: xdm flaw; present in kdm Chris Evans (Jun 19)
    - XFree86: xdm xdmcp code in wdm also Brian Russo (Jun 20)
    - Re: XFree86: xdm xdmcp code in wdm also Jerome ALET (Jun 20)
    - Problems with "kon2" package Chris Evans (Jun 19)
    - [TL-Security-Announce] Linux Kernel TLSA2000013-1 Roger Luethi (Jun 19)
    - Re: [TL-Security-Announce] Linux Kernel TLSA2000013-1 Gregory Neil Shapiro (Jun 28)
    - CERT Advisory CA-2000-12 Roman Drahtmueller (Jun 19)
    - Re: local root on linux 2.2.15 Joseph Gooch (Jun 15)
    - Conectiva Linux Security Announcement - ZOPE Sergio Bruder (Jun 16)
- Re: local root on linux 2.2.15 der Mouse (Jun 14)
- Re: local root on linux 2.2.15 Ben Pfaff (Jun 15)
- Re: local root on linux 2.2.15 Tollef Fog Heen (Jun 15)