Bugtraq mailing list archives
Re: Eterm SGID utmp Buffer Overflow (Local)
From: Michael Jennings <mej () kainx org>
Date: Mon, 21 Jan 2002 14:24:37 -0500
On Sunday, 13 January 2002, at 07:57:57 (-0700), Charles 'core' Stevenson wrote:
I found this last night looking for suids to overflow. Tested on Debian PowerPC Unstable. Yields gid utmp from which higher priveleges could be gained with a little effort. I haven't looked too close but I think the overflow might be in imlib2.
Imlib2 1.0.5 has been released to fix this bug. The source tarball may be downloaded immediately from: http://prdownloads.sourceforge.net/enlightenment/ The SRPM and i386 binary RPM's may also be downloaded from this location, and I believe Debian unstable should already have the new package as of last night's update. My apologies to PPC users directly affected by this, but Apple has yet to donate a PowerMac to the cause, so I can't build PPC RPM's.... :-) Thanks to Mr. Stevenson for locating this problem and for verifying the fix. Regards, Michael -- Michael Jennings (a.k.a. KainX) http://www.kainx.org/ <mej () kainx org> n+1, Inc., http://www.nplus1.net/ Author, Eterm (www.eterm.org) ----------------------------------------------------------------------- "Sorry, but my karma just ran over your dogma." -- Unknown
Current thread:
- Eterm SGID utmp Buffer Overflow (Local) Charles 'core' Stevenson (Jan 14)
- Re: Eterm SGID utmp Buffer Overflow (Local) Michael Jennings (Jan 21)