Re: Corel Linux 1.0 dosemu default configuration: Local root vuln

From: Nate Eldredge (neldredgeat_private)
Date: Sun Mar 05 2000 - 14:13:45 PST


    I note that this has been added to the Vulnerabilities Database on
    www.securityfocus.org (#1030) with the following solution:
    
    > The system.com program should be removed from the dosemu hierarchy.
    
    I don't think this is adequate.  system.com is a fairly short file
    (300 bytes), and if a user has any way to create files inside the
    dosemu hierarchy (as they probably do, because otherwise dosemu is of
    limited value), they can easily re-create it.
    
    Correct fixes, such as setting secure mode in the configuration
    files, are listed at
    http://www.dosemu.org/docs/README/0.98/README-3.html , the URL
    referenced before.
    
    (Note that I haven't tested this as I can't reproduce the
    vulnerability with my current dosemu configuration.)
    
    --
    
    Nate Eldredge
    neldredgeat_private
    


