On Feb 18, 1:30am, "Anthony C . Zboralski" wrote: } Subject: [HERT] Advisory #002 Buffer overflow in lsof } When lsof is setuid-root or setgid kmem, it is vulnerable to a buffer } overflow that will lead to direct root compromise or root compromise } thru live kernel patching. If lsof is installed setgid kmem, it shouldn't gain any privileges to overwrite something to gain root access. At worst, it should only be possible to read things in kernel memory that ordinary users shouldn't have access to (I suppose this might include a password in a tty buffer if the cracker got really lucky). ... or are there systems that give group kmem write privileges? If so, I'd say that's a security hole.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:35:28 PDT