Re: Linux GNOME exploit

From: Ron DuFresne (dufresneat_private)
Date: Wed Sep 29 1999 - 00:34:37 PDT


    Also, since slackware as well <slackware 4.0> documents:
    
    - Large repository of contributed software compiled and ready to run. This
      includes GNOME 1.0
    
    The GNOME troubles were cross posted to slackware-securityat_private,
    though, this looks to be a dead list since nothing has rolled back out of
    it for two days....
    
    Seems prudent that the information should make it to all the distributions
    that include GNOME and maintain a security list to pass such info on for
    admins and end users to deal with as necessary.
    
    Thanks,
    
    Ron DuFresne
    
    
    On Mon, 27 Sep 1999, Brock Tellier wrote:
    
    >     We may be missing the point here.  This isn't necessarily a nethack
    > or RH 6.0 vulnerability, it is a GNOME vulnerability and nothing more.
    > The "redhat" and "nethack" names were purely for demonstration purposes.
    > If Red Hat is concerned about losing face over a vulnerability like
    > this, perhaps they should consult those who package Mandrake as "Red Hat
    > Linux 6.0 with enhancements" and ship it with /etc/redhat-release.
    >
    > -Brock
    >
    > ----- Original Message -----
    > From: Matt Wilson <mswat_private>
    > To: Brock Tellier <btellierat_private>; <BUGTRAQat_private>
    > Sent: Monday, September 27, 1999 4:05 PM
    > Subject: Re: Linux GNOME exploit
    >
    >
    > > On Thu, Sep 23, 1999 at 06:36:18PM -0500, Brock Tellier wrote:
    > > >
    > > ... SNIP ...
    > > >
    > > > The following exploit should work against any GNOME program, though I
    > > > tried it on (the irony) /usr/games/nethack, which is SGID root by default
    > > > on RH6.0.  An attack on any program will look something like this:
    > > >
    > > > [xnec@redhack gnox]$ uname -a; cat /etc/redhat-release; id
    > > > Linux redhack 2.2.9-19mdk #1 Wed May 19 19:53:00 GMT 1999 i686 unknown
    > > > Linux Mandrake release 6.0 (Venus)
    > > >
    > > ... SNIP ...
    > >
    > > It's very important to note that this is _NOT_ Red Hat Linux 6.0.  It
    > > is Linux Mandrake 6.0.  We do not ship nethack in Red Hat Linux.  It
    > > is included in Powertools, where it has no setuid/gid bits.
    > >
    > > Matt
    > > mswat_private
    > >
    >
    
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    "Cutting the space budget really restores my faith in humanity.  It
    eliminates dreams, goals, and ideals and lets us get straight to the
    business of hate, debauchery, and self-annihilation." -- Johnny Hart
    	***testing, only testing, and damn good at it too!***
    
    OK, so you're a Ph.D.  Just don't touch anything.
    


