Re: Advisory: Berkeley pmake

From: Nicolas Gregoire (ngregoireat_private)
Date: Thu Nov 22 2001 - 00:48:20 PST

    21/11/2001 16:20:05, Paul Starzetz <paulat_private> wrote:
    
    >1. Problem description
    >----------------------
    >
    >There is a format string bug in Berkeley's pmake 2.1.33 and below
    >(parallel make) package as well as a buffer overflow problem. Pmake is
    >suid root on various Linux distributions and uses root privileges for
    >binding to low TCP ports. The ordinary format string bug leads to local
    >root compromise on all vulnerable machines.
    
    Default RedHat 7.2 not vulnerable:
    
    [root@box etc]# more /etc/redhat-release
    Red Hat Linux release 7.2 (Enigma)
    [root@box etc]# uname -a
    Linux box 2.4.9-13 #1 Tue Oct 30 20:11:04 EST 2001 i686 unknown
    [root@box etc]# ls -l `which pmake`
    -rwxr-xr-x    1 root     root        95708 aoû 21 12:55 /usr/bin/pmake
    
    pmake isn't SUID root.
    
    Nicolas Grégoire
    http://www.exaprobe.com
    