Vulnerability Development mailing list archives

Re: Eterm SGID utmp Buffer Overflow (Local)


From: "Simon 'corecode' Schubert" <corecode () corecode ath cx>
Date: Mon, 14 Jan 2002 23:10:38 +0100

On Sun, 13 Jan 2002 07:57:57 -0700 "Charles 'core' Stevenson"
<core () bokeoa com> wrote:

> I found this last night looking for suids to overflow.  Tested on
> Debian PowerPC Unstable. Yields gid utmp from which higher privileges
> could be gained with a little effort. I haven't looked too close but I
> think the overflow might be in imlib2.

could this be sploited under x86 as well?
i don't see a way but this doesn't say anything... what do others say?

cheerz
  corecode

-- 
/"\   http://corecode.ath.cx/
\ /
 \     ASCII Ribbon Campaign
/ \  Against HTML Mail and News
