Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: MDKSA-2000:065 - Linux-Mandrake not affected by dump
From: Adam Knight <ahknight () JUMP NET>
Date: Thu, 2 Nov 2000 18:01:54 -0600

You know, I tried this on Redhat 6.2, two different installs, and got the result
they're saying here.  Perhaps this is only on *some* Redhat installs?  Anyone
have an idea as to what would cause this to fail/succeed?  My copy is certainly
SUID root, but the binary it made was SUID me.

On Thu, 2 Nov 2000, Linux Mandrake Security Team wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

               Linux-Mandrake Security Update Advisory
________________________________________________________________________

Package name:          dump
Date:                  November 2nd, 2000
Advisory ID:           MDKSA-2000:065

Affected versions:     None
________________________________________________________________________

Problem Description:

In some instances, if dump is suid root, it can be used to gain root
access.  Two exploits have been published to prove this.
________________________________________________________________________

Linux-Mandrake ships dump suid root, however both exploits do not work
under Linux-Mandrake.  The end result is a shell that is suid by the
user attempting the exploit, and not suid root which is the intended
result.
________________________________________________________________________

--
____________________________________________________________________________
Adam Knight                                                ahknight () jump net
MIS Developer                                            http://www.jump.net
______________________________Codito, ergo sum______________________________

 Allen's Axiom:
    When all else fails, read the instructions.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]