Re: [ Snes9x buffer overflow vulnerability ]

From: Mike Hoskins (mikeat_private)
Date: Tue Oct 16 2001 - 12:05:13 PDT

Next message: Alistair Crooks: "Re: [ ** Snes9x buffer overflow vulnerability ** ]"

Previous message: Scott Dier: "Re: [ ** Snes9x buffer overflow vulnerability ** ]"
In reply to: Niels Heinen: "[ ** Snes9x buffer overflow vulnerability ** ]"
Next in thread: Heikki Korpela: "Re: [ ** Snes9x buffer overflow vulnerability ** ]"
Reply: Heikki Korpela: "Re: [ ** Snes9x buffer overflow vulnerability ** ]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 16 Oct 2001, Niels Heinen wrote:

> Tested platforms: FreeBSD, NetBSD, OpenBSD and Linux.

Version(s)?

mike@mojo{mike}$ uname -a
FreeBSD mojo.televoke.net 4.4-STABLE FreeBSD 4.4-STABLE #5: Tue Sep 18 16:11:35
PDT 2001     mikeat_private:/usr/obj/usr/src/sys/MOJO  i386
mike@mojo{mike}$ ls -al /usr/X11R6/bin/snes9x
-r-xr-xr-x   1 root     wheel     1718336 Jun 25 11:08 /usr/X11R6/bin/snes9x*
mike@mojo{mike}$ pkg_info|grep snes
snes9x-1.37c        Super Nintendo Entertainment System(SNES) Emulator

This was installed from ports and did not have SUID set by default.

Still, it is a find.  Good work, but does anyone set SUID beside those
reading the README and following the developer's suggestions (curious)?

Later,
-Mike

--
"Information may want to be free, but fiber optic cable wants to be
 a million US dollars per mile."  --Shawn McMahon

Next message: Alistair Crooks: "Re: [ ** Snes9x buffer overflow vulnerability ** ]"
Previous message: Scott Dier: "Re: [ ** Snes9x buffer overflow vulnerability ** ]"
In reply to: Niels Heinen: "[ ** Snes9x buffer overflow vulnerability ** ]"
Next in thread: Heikki Korpela: "Re: [ ** Snes9x buffer overflow vulnerability ** ]"
Reply: Heikki Korpela: "Re: [ ** Snes9x buffer overflow vulnerability ** ]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Oct 16 2001 - 13:21:12 PDT