On Wed, 25 Feb 1998 kevingeoat_private wrote: > Vulnerable: > Everyone who followed the installation instructions and made Quake2 setuid > root. To the best of my knowledge, Quake2 suffers from the same bug that squake suffers from. You can use the -gamedir option (or its quake 2 equivalent) to make squake cough up a root shell using a standard buffer overflow exploit. I don't believe Zoid altered this for quake 2. I don't think he cares about security at all. I wouldn't install anything of Zoid's setuid root without making it group-owned by a trusted group and mode 4750. This new exploit of yours even allows you to do evil things with Zoidware even if it is installed with a wrapper. :\ (Unless you want to make your wrapper check all the file permissions too)
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:43:18 PDT