mailing list archives
From: Bob Howard <reh () umich edu>
Date: Fri, 30 Nov 2001 08:48:17 -0500
i've found buffer overflow in uucp. in BSDi platform
since uucp is by nature suid. and the ownership is by uucp
i don't see the real profit.
Don't know about BSDi, but on Solaris uucp owns tip, uuencode, uudecode,
and others. So if I can use this vuln to su uucp, I can trojan e.g.
tip. Then the next time root runs what he thinks is tip, I've got the
Robert Howard University of Michigan
Lead System Administrator IT Central Services
Strategic Projects Operations
- UUCP Izik (Nov 29)
- Re: UUCP Bob Howard (Nov 30)