Re: Corel Linux 1.0 dosemu default configuration: Local root vuln

From: Michael Meskes (meskesat_private)
Date: Tue Mar 07 2000 - 02:53:15 PST

Next message: Dustin Miller: "Re: @Stake Advisory: Microsoft Office 2000 ClipArt Vulnerablity"

Previous message: Ussr Labs: "(BisonWare FTP Server V3.5 Roses Labs Security Advisory) is a old"
Maybe in reply to: suidat_private: "Corel Linux 1.0 dosemu default configuration: Local root vuln"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Mar 03, 2000 at 10:33:51AM -0800, Seth R Arnold wrote:
> I tested this on debian's dosemu, Version: 0.98.8-2, (debian woody) and

And more important Debian potato which will be released soon also has the
0.98.8-2 version. The difference is simply that the actual Debian package is
NOT installed setuid. Thus the exploit simply does not work anymore.

Michael

--
Michael Meskes                         | Go SF 49ers!
Th.-Heuss-Str. 61, D-41812 Erkelenz    | Go Rhein Fire!
Tel.: (+49) 2431/72651                 | Use Debian GNU/Linux!
Email: Michael@Fam-Meskes.De           | Use PostgreSQL!

Next message: Dustin Miller: "Re: @Stake Advisory: Microsoft Office 2000 ClipArt Vulnerablity"
Previous message: Ussr Labs: "(BisonWare FTP Server V3.5 Roses Labs Security Advisory) is a old"
Maybe in reply to: suidat_private: "Corel Linux 1.0 dosemu default configuration: Local root vuln"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:39:11 PDT