Re: *BSD banner INT overflow vulnerability

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: *BSD banner INT overflow vulnerability
From: admin <admin@xxxxxxxxxx>
Date: Thu, 23 Nov 2006 10:06:29 +0500
In-reply-to: <45647484.5010708@xxxxxxxxxxxx>
Organization: Отдел автоматизации компании "Астра"
References: <E1GmoEi-000GfC-00.dead-code-crew-mail-ru@xxxxxxxxxxx> <45647484.5010708@xxxxxxxxxxxx>
User-agent: KMail/1.7.2

> Why in the world would someone add a suid bit to banner?  Maybe it's a
> bug, but you had to work hard to turn it into a vulnerability.

someone (uid=0) can chmod +s and backdoor ready..

References:
- *BSD banner INT overflow vulnerability
  - From: Gruzicki Wlodek
- Re: *BSD banner INT overflow vulnerability
  - From: Steve Shockley

Prev by Date: Re: SolpotCrew Advisory #10 - phpBB XS (phpbb_root_path) Remote File Include
Next by Date: LS-20061102 - Business Objects Crystal Reports Stack Overflow Vulnerability
Previous by thread: Re: *BSD banner INT overflow vulnerability
Next by thread: Re: Re: *BSD banner INT overflow vulnerability
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux