Vulnerability Development mailing list archives
RE: Vi buffer overflow
From: batz <batsy () vapour net>
Date: Fri, 9 Nov 2001 14:37:32 -0500 (EST)
On Fri, 9 Nov 2001, Lord, Steve (ISS London) wrote: : :Hmmm.... vi is the default editor on a lot of systems, not sure about SCO. :However, the default editor is launched by suid programs (e.g crontab - The only time that I can think of it being invoked suid would be via 'sudo' or with chpass, chfn or other user management commands. Even then, I don't think that the vi process itself is as user root. Worth checking tho. This would be a problem if something like sed or ed were vulnerable, as they are used in crontabs. -- batz Reluctant Ninja Defective Technologies
Current thread:
- Re: vi buffer overflow, (continued)
- Re: vi buffer overflow Emmanuel BENOIT (Nov 09)
- Re: vi buffer overflow Matias Sedalo (Nov 09)
- Re: vi buffer overflow Thomas Graf (Nov 09)
- Re: vi buffer overflow walter valenti (Nov 09)
- Re: vi buffer overflow Piyush Agarwal (Nov 09)
- Re[2]: vi buffer overflow Greg Wirth (Nov 09)
- Re: vi buffer overflow Wichert Akkerman (Nov 09)
- Re: vi buffer overflow Robert Jaroszuk (Nov 09)
- Re: vi buffer overflow Vasisht Tadigotla (Nov 09)
- Re: vi buffer overflow Emmanuel BENOIT (Nov 09)
- RE: Vi buffer overflow Lord, Steve (ISS London) (Nov 09)
- RE: Vi buffer overflow batz (Nov 09)
- RE: vi buffer overflow Blue Boar (Nov 09)
- RE: vi buffer overflow Piyush Agarwal (Nov 12)
- RE: vi buffer overflow Hubert Pasternak (Nov 12)
- RE: vi buffer overflow Piyush Agarwal (Nov 12)