Bugtraq mailing list archives
Re: Buffer overflows in Minicom 1.80.1
From: tarreau () AEMIAIF LIP6 FR (Willy TARREAU)
Date: Mon, 31 Aug 1998 09:21:03 +0200
I have found some buffer overflows in Minicom 1.80.1 which comes setuid root with Slackware 3.5. I known that were discussed some overflows in other versions of minicom ( no setuid root) but i think it's "new" and more dangerous.
I've tested 1.75 which comes with RH5.0, and it also crashes when TERM='aaaa....aaa'. Note that it seems to be only setgid uucp, but it's vulnerable. Willy -- +----------------------------------------------------------------------------+ | Willy Tarreau - tarreau () aemiaif lip6 fr - http://www-miaif.lip6.fr/willy/ | | System and Network Engineer - NOVECOM - http://novworld.novecom.fr/ | | Magistere d'Informatique Appliquee de l'Ile de France ( MIAIF ), Year 1997 | +----------------------------------------------------------------------------+
Current thread:
- Re: Buffer overflows in Minicom 1.80.1 Willy TARREAU (Aug 31)
- Re: Security Hole in Axent ESM Michael Shields (Aug 31)
- Re: Buffer overflows in Minicom 1.80.1 Alan Cox (Aug 31)