Re: [HERT] Advisory #002 Buffer overflow in lsof

From: Alex Shnitman (alexshat_private)
Date: Sat Feb 20 1999 - 13:10:54 PST

Next message: johann sebastian bach: "Re: [HERT] Advisory #002 Buffer overflow in lsof"

Previous message: Peter W: "Re: [HERT] Advisory #002 Buffer overflow in lsof"
Maybe in reply to: Anthony C . Zboralski: "[HERT] Advisory #002 Buffer overflow in lsof"
Next in thread: johann sebastian bach: "Re: [HERT] Advisory #002 Buffer overflow in lsof"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Alan Cox writes:

 > > In a few mins I noticed all linux versions are chown .kmem; chmod g+s
 > > lsof...  on linux /dev/kmem is +w for gid kmem, on bsd too (probably, I
 > > didn't checked that), so... all of std. distributions are vuln. without
 >
 > crw-r-----   1 root     kmem       1,   2 May  5  1998 /dev/kmem
 >
 > Red Hat 5.2
 >
 > crw-r-----   1 root     kmem       1,   2 Jan  1  1980 /dev/kmem
 >
 > Red Hat 4.2

crw-rw----   1 root     kmem       1,   2 Jul 21  1998 /dev/kmem

Debian 2.0

Ack! What breaks if I change it?


--
Alex Shnitman
alexshat_private, alexshat_private
http://alexsh.hectic.net

Next message: johann sebastian bach: "Re: [HERT] Advisory #002 Buffer overflow in lsof"
Previous message: Peter W: "Re: [HERT] Advisory #002 Buffer overflow in lsof"
Maybe in reply to: Anthony C . Zboralski: "[HERT] Advisory #002 Buffer overflow in lsof"
Next in thread: johann sebastian bach: "Re: [HERT] Advisory #002 Buffer overflow in lsof"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:36:19 PDT