Vulnerability Development mailing list archives

Re: sfxload issues.

From: OOZIE <oozie () hackpospolita prv pl>
Date: Thu, 3 Jan 2002 16:47:36 -0900

H3LL0 ! 

On Wed, 02 Jan 2002, l0rt wrote:

Vendor : http://members.tripod.de/iwai/awedrv.html
Program: sfxload
OS     : RH 7.1 
Version: 0.4.3
SUID   : No
SGID   : No
Issue  : This may get called by an suid helper binary which would allow 
       a normal user to gain some more privs.

[...]

Oops... Red Hat 7.2 seems also to be vulnerable ;)
Well, I dunno if anyone will need this code, but maybe ... (?)

Best regards,
OOZIE

Attachment: sfxpl.c
Description:

Current thread:

sfxload issues. l0rt (Jan 02)
- Re: sfxload issues. Gabriel A. Maggiotti (Jan 03)
- <Possible follow-ups>
- Re: sfxload issues. OOZIE (Jan 03)