Bugtraq mailing list archives

http://www.eden.com/~tfast/jihad.html
From: devel () MEAT PLAGUEZ ORG (Compte de developpement)
Date: Sun, 2 Jan 1994 15:35:09 +0100


zgv/svgalib "vulnerability" ?

Hello,

I don't really see where the problem with zgv/svgalib is.

There is obviously a buffer overflow with the $HOME
environment variable, but all my attempts to exploit
this failed: svgalib had well dropped root perms
(see below). Any idea?
(I'm using Redhat 3.0.3, 4.0.0, svgalib 1.2.9)

From vga_init():
     ...
     seteuid(getuid());
     setgid(getegid());
     ...


Sample try:

[devel () plaguez]$ uname -a
Linux plaguez 2.0.30 #7 Sat Jun 21 09:35:21 MET 1997 i486
[devel () plaguez]$ ls -al /usr/bin/zgv
-r-s--x--x   1 root     root        87780 Feb 26  1996 /usr/bin/zgv
[devel () plaguez]$ ./overflow HOME 1124 0 /usr/bin/zgv
bash$




------------------------
   plaguez / libpcap
dube0866 () eurobretagne fr
  http://www.innu.org
------------------------

p.s: I'm looking for a job this summer. Maybe ... ;)
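
The `vga_init()` excerpt quoted in the message drops privileges with `seteuid(getuid())`, which changes only the effective UID and leaves the saved set-user-ID untouched. The following C code is an added example, not part of the original post or of svgalib: it classifies a (real, effective, saved) UID triple and shows a permanent drop that verifies itself. The function names and the UID 500 are constructed for illustration, and the `setreuid()` behaviour relied on is the Linux one.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Privilege state judged from the real, effective and saved UIDs. */
enum drop_state { ELEVATED, TEMPORARY_DROP, PERMANENT_DROP };

/* seteuid() rewrites only the effective UID. While the saved set-user-ID
 * still differs from the real UID, the drop can be undone. */
enum drop_state classify_ids(uid_t ruid, uid_t euid, uid_t suid)
{
    if (euid != ruid) return ELEVATED;
    if (suid != ruid) return TEMPORARY_DROP;
    return PERMANENT_DROP;
}

/* Permanently drop to the invoking user: 0 on success, -1 on failure
 * (a caller should abort on -1 rather than continue). */
int drop_privs_permanently(void)
{
    uid_t ruid = getuid(), old_euid = geteuid();
    gid_t rgid = getgid(), old_egid = getegid();

    /* Group first: changing it may need the privilege given up next. */
    if (setregid(rgid, rgid) != 0) return -1;
    /* On Linux, setting the real UID this way also overwrites the saved UID. */
    if (setreuid(ruid, ruid) != 0) return -1;

    /* Verify by behaviour: restoring the old IDs must now fail. */
    if (old_egid != rgid && setegid(old_egid) == 0) return -1;
    if (old_euid != ruid && seteuid(old_euid) == 0) return -1;
    if (ruid != 0 && seteuid(0) == 0) return -1;
    return (geteuid() == ruid && getegid() == rgid) ? 0 : -1;
}

int main(void)
{
    static const char *name[] = { "elevated", "temporary drop", "permanent drop" };
    /* Constructed IDs: user 500 running a setuid-root binary. */
    printf("after exec:            %s\n", name[classify_ids(500, 0, 0)]);
    printf("after seteuid(getuid): %s\n", name[classify_ids(500, 500, 0)]);
    printf("after permanent drop:  %s\n", name[classify_ids(500, 500, 500)]);
    printf("drop_privs_permanently() = %d\n", drop_privs_permanently());
    return 0;
}
```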


