VULNERABILITY DESCRIPTION

Users can execute programs and shell scripts by clicking on the bubblemon app. bubblemon is installed sgid kmem on FreeBSD and does not drop its egid before executing programs.

VERSIONS AFFECTED

All versions of BubbleMon up to 1.32 installed on FreeBSD.

EXAMPLE

    $ id
    uid=1000(christer) gid=1000(christer) groups=1000(christer)
    $ bubblemon id
    uid=1000(christer) gid=1000(christer) egid=2(kmem) groups=2(kmem), 1000(christer)

FIX

Get the new fixed version BubbleMon 1.32 from http://www.ne.jp/asahi/linux/timecop
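The class of fix for this bug is to give up the sgid group in the child before it executes anything on the user's behalf. The following is an added example, not BubbleMon's code or its actual patch: the names drop_sgid and run_user_command are hypothetical, and launching the command through /bin/sh is an assumption.

```c
/* Added illustration, not BubbleMon source; function names are hypothetical. */
#include <errno.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Permanently discard a set-group-ID egid (kmem in the advisory).
 * Returns 0 on success, -1 if the drop failed or could be undone. */
int drop_sgid(void)
{
    gid_t rgid = getgid();
    gid_t old_egid = getegid();

    /* Passing the real gid explicitly (not -1) also resets the saved gid. */
    if (setregid(rgid, rgid) != 0)
        return -1;
    if (getegid() != rgid || getgid() != rgid)
        return -1;
    /* A non-root process must no longer be able to switch back. */
    if (old_egid != rgid && geteuid() != 0 && setegid(old_egid) == 0)
        return -1;
    return 0;
}

/* Run a user-configured command through /bin/sh (assumed launcher) with
 * the sgid group dropped in the child. Returns exit status, -1 on error. */
int run_user_command(const char *cmd)
{
    int status;
    pid_t pid = fork();

    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (drop_sgid() != 0)
            _exit(126);            /* refuse to exec while privileged */
        execl("/bin/sh", "sh", "-c", cmd, (char *)NULL);
        _exit(127);                /* exec failed */
    }
    while (waitpid(pid, &status, 0) < 0)
        if (errno != EINTR)
            return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    /* Built and installed sgid kmem, id should report no egid=2(kmem). */
    return run_user_command("id");
}
```

Only the child drops the group, so the parent keeps the kmem access it was installed with while anything the user launches runs with the user's own gid.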
This archive was generated by hypermail 2b30 : Mon Apr 16 2001 - 11:01:49 PDT