Full Disclosure mailing list archives

Re: McAfee Virus Scan for Linux and Unix v5.10.0 Local Buffer Overflow

From: Jimby Sharp <jimbysharp () hotmail com>
Date: Thu, 16 Aug 2007 05:22:19 +0000


Security comes into play here because a user can create a malicious play that would overflow the virus scan. 
Consequently the user can execute code with the privileges of the user running virus scan. Thus, it is a local 
privilege escalation scenario. 

----------------------------------------

Date: Wed, 15 Aug 2007 18:53:18 +0200
From: monikerd () gmail com
To: joey.mengele () hushmail com
CC: sebastian () wolfgarten com; full-disclosure () lists grok org uk; bugtraq () securityfocus com
Subject: Re: [Full-disclosure] McAfee Virus Scan for Linux and Unix v5.10.0 Local Buffer Overflow

Joey Mengele wrote:

Where does security come into play here? This is a local crash in a 
non setuid binary. I would like to hear your remote exploitation 
scenario. Or perhaps your local privilege escalation scenario?

J


_________________________________________________________________
With Windows Live Hotmail, you can personalize your inbox with your favorite color.
www.windowslive-hotmail.com/learnmore/personalize.html?locale=en-us&ocid=TXT_TAGLM_HMWL_reten_addcolor_0607
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: McAfee Virus Scan for Linux and Unix v5.10.0 Local Buffer Overflow Jimby Sharp (Aug 15)