Bugtraq mailing list archives

Re: Repost: Security bug in SGI VideoFramer
From: martinh () mailhost emap co uk (martinh () mailhost emap co uk)
Date: Thu, 23 May 1996 10:03:01 +0000


On Tue, 14 May 1996, Hui-Hui Hu wrote:

> Stardot Networks / Security vulnerability [SDN-2-sgi-videoframer]
>
> PROBLEM. sb_encode is installed setuid in /usr/video/vfr/bin and does not
> check for permissions/ownership. sb_encode takes an IRIS RGB-format image
> file and spits out a VideoFramer format file (.vfr).
>
> REPEAT BY: /usr/video/vfr/bin/sb_encode -o [file-to-overwrite] [iris-image]
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> TEMPORARY FIX.
>
> # chmod -s /usr/video/vfr/*

Since the sb_encode program is in a subdirectory of /usr/video/vfr/
shouldn't the fix be:

# chmod -R -s /usr/video/vfr/*


M.


##################################################################
# Martin Hargreaves (martin () datamodl demon co uk)  Computational #
# Director, Datamodel Ltd                                Chemist #
# Contract Unix system admin/Unix security              Sysadmin #
##################################################################
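
The difference between the two proposed fixes, as an added example that is not part of the original post: the script builds a constructed directory tree (only the `bin/sb_encode` name comes from the advisory; `top_level_tool` and the temporary paths are hypothetical), applies each `chmod` form in turn, and counts the files that still carry a setuid or setgid bit.

```shell
#!/bin/sh
# Added example. The tree is constructed in a temp directory; it is not
# SGI's real layout beyond the bin/sb_encode path named in the advisory.

# list_setid DIR: regular files under DIR that still have setuid or setgid set.
list_setid() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) -print
}

# count_setid DIR: number of such files, with wc's padding normalised away.
count_setid() {
    echo $(( $(list_setid "$1" | wc -l) ))
}

# build_tree DIR: one setuid file directly under DIR (hypothetical name)
# and one in DIR/bin, mirroring /usr/video/vfr/bin/sb_encode.
build_tree() {
    mkdir -p "$1/bin"
    : > "$1/top_level_tool"
    : > "$1/bin/sb_encode"
    chmod 4755 "$1/top_level_tool" "$1/bin/sb_encode"
}

# compare_fixes: prints "<before> <after glob-only fix> <after -R fix>".
compare_fixes() {
    tmp=$(mktemp -d) || return 1
    build_tree "$tmp/vfr"
    before=$(count_setid "$tmp/vfr")

    # Fix as posted: the glob matches top_level_tool and the bin directory,
    # but chmod does not descend into bin, so bin/sb_encode keeps its bit.
    chmod -s "$tmp"/vfr/*
    after_glob=$(count_setid "$tmp/vfr")

    # Fix as suggested in the reply: -R walks into bin as well.
    chmod -R -s "$tmp"/vfr/*
    after_recursive=$(count_setid "$tmp/vfr")

    rm -rf "$tmp"
    echo "$before $after_glob $after_recursive"
}

compare_fixes
```

On a real system, running `list_setid /usr/video/vfr` after applying a fix confirms whether any setuid or setgid file remains under that tree.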


