Vulnerability Development mailing list archives

Re: ddd smashed


From: l0rt <simon () snosoft com>
Date: 16 Jan 2002 10:48:20 -0500

I agree. Why would anyone want to do it? Nonetheless, it is still a problem/bug
that should be fixed. If you choose to be ignorant and assume that
people do not do stupid things then please do not try to force that on
me.

On Tue, 2002-01-15 at 20:27, Pavel Kankovsky wrote:
> On 15 Jan 2002, l0rt wrote:
>
> > Program  : ddd
> > OS       : Linux
> > DISTRO   : RedHat 7.1
> > Issue    : 0x41414141 (no core tho)
> > Home Page: http://www.gnu.org/software/ddd/
> > suid     : No
> > sgid     : No
> > Issue    : ddd may be called by an suid helper binary and could be
> > exploited to gain local root access.
>
> Why the hell would anyone ever want to invoke a *debugger* frontend via a
> setuid helper?! Anyone stupid enough to do anything like that would create
> multiple security holes an order of magnitude bigger than this little
> buffer overflow in ddd!
>
> --Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
> "Resistance is futile. Open your source code and prepare for assimilation."


-- 

-l0rt-
        
        Strategic Reconnaissance Team
        Team Key ID: ACFCBD01
        l0rt Key ID: 47BF3F87
        ------------------------------------------
        "That secret you've been guarding, isn't."
