Bugtraq mailing list archives

Re: [H-BUGTRAQ] Critical Security Problem in 4.4BSD crt0


From: brucec () HUMBUG ORG AU (A Bruce in the land of the Bruces)
Date: Fri, 3 Feb 1995 19:54:55 +1000


On Sun, 2 Feb 1997, Thomas H. Ptacek wrote:

There is a critically important security problem in FreeBSD 2.1.5's C
runtime support library that will enable anyone with control of the
environment of a process to cause it to execute arbitrary code. All
executable SUID programs on the system are vulnerable to this problem.

On FreeBSD 2.1.5, startup locale processing is enabled by setting the
environment variable "ENABLE_STARTUP_LOCALE". "startup_setrunelocale()" is
called if the environment variable "LC_CTYPE" is set as well.

Quick fix (for shell users): 'declare -r' all suspect environment
variables to safe values in the system startup files for the shell.

--==--
Bruce.

A cynic is a person searching for an honest man, with a stolen lantern.
                -- Edgar A. Shoaff
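
One way to apply the quick fix above from a shell startup file, as an added example that is not part of the original post. It uses POSIX `readonly` (the counterpart of bash's `declare -r`, which creates a function-local variable when called inside a function); the value `C` and the function names are assumptions. The readonly attribute holds for this shell only and is not inherited by child processes.

```sh
# Added example: freeze the two variables named in the quoted advisory.
# SAFE_LC_CTYPE is an assumed "safe value"; the thread does not give one.
SAFE_LC_CTYPE="C"

# is_locked NAME: succeeds if NAME cannot be reassigned in this shell.
is_locked() {
    case $1 in ''|*[!A-Za-z0-9_]*) return 2 ;; esac   # reject non-identifiers
    # Probe in a subshell: POSIX shells may abort on a readonly assignment
    # error, so the subshell keeps the calling shell alive.
    ! ( eval "$1=probe" ) 2>/dev/null
}

# lock_suspect_env: call once, early in the system-wide startup file.
lock_suspect_env() {
    is_locked LC_CTYPE && is_locked ENABLE_STARTUP_LOCALE && return 0
    # Per the quoted advisory, startup locale processing is enabled by
    # ENABLE_STARTUP_LOCALE merely being set, so drop it and freeze it unset.
    unset ENABLE_STARTUP_LOCALE 2>/dev/null
    readonly ENABLE_STARTUP_LOCALE
    # Pin LC_CTYPE to the assumed safe value and freeze it.
    LC_CTYPE=$SAFE_LC_CTYPE
    export LC_CTYPE
    readonly LC_CTYPE
}

# child_sees NAME: print the value a child process inherits (empty if absent).
child_sees() {
    env | sed -n "s/^$1=//p"
}

lock_suspect_env
```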


