>After doing a check on my SuSE linux 7.0 x86 i found >something >interesting: > >hegi@faust:~ > ls -la /usr/sbin/dip >-rwsr-xr-- 1 root dialout 62056 Jul 29 2000 /usr/sbin/dip > >DIP: Dialup IP Protocol Driver version 3.3.7p-uri (25 Dec 96) >Written by Fred N. van Kempen, MicroWalt Corporation. > >(gdb) run -k -l `perl -e 'print "a" x 130 '` >Starting program: /usr/sbin/dip -k -l `perl -e 'print "a" x 130 '` >DIP: Dialup IP Protocol Driver version 3.3.7p-uri (25 Dec 96) >Written by Fred N. van Kempen, MicroWalt Corporation. > >DIP: cannot open /var/lock/LCK..aaaa......aaaaaaa: Datei oder >Verzeichnis >nicht gefunden > >Program received signal SIGSEGV, Segmentation fault. >0x61616161 in ?? () > >The same packet and problem is on SuSe 7.1 and RedHat 6.2. >I don't have >SuSe 7.2 to check. SuSE 6.2 and 6.3 are also vulnerable and setuid root. But normal users, just like on SuSE 7.0, don't have execute permissions on these versions. Regards, Martijn A.
This archive was generated by hypermail 2b30 : Wed Jul 18 2001 - 09:09:19 PDT