Re: [HERT] Advisory #002 Buffer overflow in lsof

From: Mariusz Marcinkiewicz (manyat_private)
Date: Thu Feb 18 1999 - 17:03:54 PST

Next message: Curt Sampson: "Re: traceroute as a flooder"

Previous message: mnemonix: "Inherent weaknesses in NT system policies"
Maybe in reply to: Anthony C . Zboralski: "[HERT] Advisory #002 Buffer overflow in lsof"
Next in thread: Theo de Raadt: "Re: [HERT] Advisory #002 Buffer overflow in lsof"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 18 Feb 1999, Don Lewis wrote:

> ... or are there systems that give group kmem write privileges?  If so,
> I'd say that's a security hole.

Yes, you are right... but... I saw that hole after installing new linx and
checked it's security. First I was suprised but not for a long time.
In a few mins I noticed all linux versions are chown .kmem; chmod g+s
lsof...  on linux /dev/kmem is +w for gid kmem, on bsd too (probably, I
didn't checked that), so... all of std. distributions are vuln. without
ONE! the slackware, IMHO, it's the most secure distribution [ :))) i know:
slackware doesn't has lsof;))) but by tahat way that distr. is secure ;P ]

Cheers

--
Mariusz Marcinkiewicz [Security Specialist] [manyat_private]
European Network Security Institute [http://www.ensi.net]

Next message: Curt Sampson: "Re: traceroute as a flooder"
Previous message: mnemonix: "Inherent weaknesses in NT system policies"
Maybe in reply to: Anthony C . Zboralski: "[HERT] Advisory #002 Buffer overflow in lsof"
Next in thread: Theo de Raadt: "Re: [HERT] Advisory #002 Buffer overflow in lsof"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:35:38 PDT