Bugtraq mailing list archives

Re: xscreensaver exploit for Redhat 7.3
From: Steven Leikeim <steven () enel ucalgary ca>
Date: Thu, 6 Mar 2003 14:56:27 -0700

On Thu, Mar 06, 2003 at 06:26:41PM -0000, Angelo Rosiello wrote:

> I think you don't need other comments:
>
> ** Tested on rh 7.3 using XFree86
> ** xscreensaver vulnerability
> ** AUTHORS: Angelo Rosiello (Guilecool) & deka
> ** REQUIRES: X must be run!
> ** EFFECTS: local root exploit!

Oddly enough, this does NOT work on my RedHat 7.3 installation. I have the
default xscreensaver RPM installed (xscreensaver-3.33-4).

When I run this, xscreensaver DOES dump core; however, xscreensaver is not
suid root and so will not itself give a root exploit. Perhaps there is an
expected interaction with the X server (which is running as root) but this
is not clear from Angelo's message.

Steven Leikeim
Department of Electrical and Computer Engineering
University of Calgary
