Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Corel Linux 1.0 dosemu default configuration: Local root vuln
From: whitvamp () MINDLESS COM (VaMPiRe, WHiTe)
Date: Fri, 3 Mar 2000 02:54:17 -0500


On Thu, Mar 02, 2000 at 04:47:11AM +0000, suid () SUID KG(suid () SUID KG) wrote:
<snip>
: Summary:
: 
:       Local users can take advantage of a packaging and configuration
:       error (which has been known and documented for a long time) to
:       execute arbitrary commands as root.
: 
:       We see from the doc/README/SECURITY file as well as
:       http://www.dosemu.org/docs/README/0.98/README-3.html
:       written in 1997 that this configuration is bad.
<snip>

        Tested default configuration of dosemu on Slackware 7.0, no
vulnerability.

Regards,

-- 
    __      ______   ____
   /  \    /  \   \ /   / WHiTe VaMPiRe\Rem
   \   \/\/   /\   Y   /  whitevampire () mindless com
    \        /  \     /   http://www.projectgamma.com/
     \__/\  /    \___/    http://www.gammaforce.org/
          \/ "Silly hacker, root is for administrators."


<HR NOSHADE>
<UL>
<LI>application/pgp-signature attachment: stored
</UL>


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]