Full Disclosure mailing list archives
Re: [SECURITY] [DSA 139-1] New super packages fix local root exploit
From: Max Vozeler <max () hinterhof net>
Date: Tue, 22 Jun 2004 06:19:41 +0200
Hi GOBBLES, On Mon, Jun 21, 2004 at 06:02:21AM -0700, gobbles () hushmail com wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi list!@ hehehehe ;PPpPPPPPp It appear Max Vozeler who wrap he packages for he debian friends did travel back in time with he timemachine of many speed. Friend GOBBLES not buy into whole space/time discussion ;PPpPPPP
I'm afraid I'm not currently able to use any such time travel technology for my Debian work, as there is no free software implementation nor free documentation of this proprietary technology. If you, GOBBLES, could provide your avantgardist insights into this topic and contribute any proof-of-concept time travel codez or sniffer logs you may have under a free license, that would be wonderful.
But anyways here is friend GOBBLES of old! From he hushmail electronic mail of 2002.
.. in the meantime. I have no idea where you got this idea from, as a simple diff of the Debian source packages would have told you otherwise. The vulnerability you found in 2002 is a different thing, but see below for the code, which speaks a much clearer language. ========================================= "Yours", 2002:
--- super-3.16.1.orig/error.c +++ super-3.16.1/error.c @@ -168,12 +168,12 @@ void rsyslog P__(( unsigned int level, char *fmt, ... )); #define OpenLog(prog, opt, fac) ropenlog((prog), (opt), (fac), error_rlog_host) -#define SysLog(pri, buf) rsyslog((pri), (buf)) +#define SysLog(pri, buf) rsyslog((pri), "%s", (buf))
super (3.18.0-3) unstable; urgency=critical * SECURITY FIX for local root exploit reported recently on the BugTraq list (closes: #154982). -- Robert Luberda <robert () debian org> Thu, 1 Aug 2002 06:56:13 +0200 ========================================= ========================================= "Mine", 2004:
--- super-3.22.2/super.c-orig 2004-06-22 05:55:54.000000000 +0200 +++ super-3.22.2/super.c 2004-06-22 05:56:01.000000000 +0200 @@ -1140,7 +1140,7 @@ (localinfo.mail_success == -1 && globalinfo.mail_success==0)) error_command = NULL; error_stderr = 0; - Error(0, 0, logbuf); + Error(0, 0, "%s", logbuf); error_stderr = e; error_command = ec; }
(the diff is untested) super (3.23.0-1) unstable; urgency=high * New upstream version: + fixed format string vulnerability (CAN-2004-0579) found by Max Vozeler <max () hinterhof net>. * Added debian/watch file. -- Robert Luberda <robert () debian org> Fri, 18 Jun 2004 22:40:17 +0200 ========================================= Have a nice day. Cheers, Max -- 308E81E7B97963BCA0E6ED889D5BD511B7CDA2DC
Attachment:
signature.asc
Description: Digital signature
Current thread:
- Re: [SECURITY] [DSA 139-1] New super packages fix local root exploit gobbles (Jun 21)
- Re: [SECURITY] [DSA 139-1] New super packages fix local root exploit Max Vozeler (Jun 21)
- <Possible follow-ups>
- [SECURITY] [DSA 139-1] New super packages fix local root exploit gobbles (Jun 22)