Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: SuSE 6.3 Gnomelib buffer overflow
From: thomas () SUSE DE (Thomas Biege)
Date: Wed, 3 May 2000 13:31:21 +0200

Hi,
SuSE 6.3 includes just one SUGID gnome app and that's
/opt/gnome/sbin/gnome-pty-helper, which is setgid tty.
Only SuSE 6.4 includes setgid gnome games but it is
_not_ vulnerable to this exploit.

This bug doesn't depend on the Linux distributor, it
depends on the gnome version.
I think older releases of the other Linux vendors
are also vulnerable... so, take care.

We are working for a patch... stay tuned.

Bye,
     Thomas

--
  Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg
  E () mail: thomas () suse de      Function: Security Support & Auditing
  "lynx -source http://www.suse.de/~thomas/thomas.pgp | pgp -fka"
   Key fingerprint = 09 48 F2 FD 81 F7 E7 98  6D C7 36 F1 96 6A 12 47

  By Date           By Thread  

Current thread:
  • Re: SuSE 6.3 Gnomelib buffer overflow Thomas Biege (May 03)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]