Re: Buffer overflows in Minicom 1.80.1

From: Willy TARREAU (tarreauat_private)
Date: Mon Aug 31 1998 - 00:21:03 PDT

Next message: reddog: "Re: Security Hole in Axent ESM"

Previous message: Wichert Akkerman: "Re: Buffer overflows in Minicom 1.80.1"
Maybe in reply to: Eduardo Navarro: "Buffer overflows in Minicom 1.80.1"
Next in thread: Alan Cox: "Re: Buffer overflows in Minicom 1.80.1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>
> I have found some buffer overflows in Minicom 1.80.1 which comes setuid
> root with Slackware 3.5.  I known that were discussed some overflows in
> other versions of minicom ( no setuid root) but i think it's "new" and
> more dangerous.

I've tested 1.75 which comes with RH5.0, and it also crashes when
TERM='aaaa....aaa'. Note that it seems to be only setgid uucp, but it's
vulnerable.

                                        Willy

--
+----------------------------------------------------------------------------+
| Willy Tarreau - tarreauat_private - http://www-miaif.lip6.fr/willy/  |
| System and Network Engineer - NOVECOM - http://novworld.novecom.fr/        |
| Magistere d'Informatique Appliquee de l'Ile de France ( MIAIF ), Year 1997 |
+----------------------------------------------------------------------------+

Next message: reddog: "Re: Security Hole in Axent ESM"
Previous message: Wichert Akkerman: "Re: Buffer overflows in Minicom 1.80.1"
Maybe in reply to: Eduardo Navarro: "Buffer overflows in Minicom 1.80.1"
Next in thread: Alan Cox: "Re: Buffer overflows in Minicom 1.80.1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:14:23 PDT