Re: [HERT] Advisory #002 Buffer overflow in lsof

From: Don Lewis (Don.Lewisat_private)
Date: Thu Feb 18 1999 - 08:31:33 PST


    On Feb 18,  1:30am, "Anthony C . Zboralski" wrote:
    } Subject: [HERT] Advisory #002 Buffer overflow in lsof
    
    }    When lsof is setuid-root or setgid kmem, it is vulnerable to a buffer
    }    overflow that will lead to direct root compromise or root compromise
    }    thru live kernel patching.
    
    If lsof is installed setgid kmem, it shouldn't gain any privileges to
    overwrite something to gain root access.  At worst, it should only be
    possible to read things in kernel memory that ordinary users shouldn't
    have access to (I suppose this might include a password in a tty buffer
    if the cracker got really lucky).
    
    ... or are there systems that give group kmem write privileges?  If so,
    I'd say that's a security hole.
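
A check for the condition raised in the reply above, as an added example that is not part of the original message: it reports whether the kernel-memory device nodes are group- or world-writable and lists setgid files owned by group kmem. GNU stat and find, the /dev/mem path, the searched directories and the function names are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes GNU stat/find and Linux-style
# device names; adjust the paths and the group name for other systems.

# write_exposure PATH -> prints one of: absent | no-write | group-write |
# other-write | group-write,other-write (from the group/other write bits).
write_exposure() {
    path=$1
    if [ ! -e "$path" ]; then echo "absent"; return 0; fi
    mode=$(stat -c '%a' "$path") || return 1
    bits=$((0$mode))            # stat prints octal digits, e.g. 640
    result=""
    if [ $((bits & 020)) -ne 0 ]; then result="group-write"; fi
    if [ $((bits & 002)) -ne 0 ]; then result="${result:+$result,}other-write"; fi
    echo "${result:-no-write}"
}

# setgid_files_for_group GROUP DIR... -> lists setgid regular files whose
# owning group is GROUP (the group does not need to exist on this host).
setgid_files_for_group() {
    group=$1; shift
    find "$@" -xdev -type f -perm -2000 -exec stat -c '%G %n' {} + 2>/dev/null |
        awk -v g="$group" '$1 == g { sub(/^[^ ]+ /, ""); print }'
}

# Report on the device nodes a setgid-kmem program would be able to open.
for dev in /dev/kmem /dev/mem; do
    printf '%s: %s\n' "$dev" "$(write_exposure "$dev")"
done
echo "setgid kmem binaries:"
setgid_files_for_group kmem /bin /sbin /usr/bin /usr/sbin /usr/local/bin || true
```

A result of group-write on a node owned by group kmem is the case the reply calls a security hole; no-write matches the read-only exposure it describes.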
    


