Bugtraq mailing list archives
Re: Linux GNOME exploit
From: btellier () WEBLEY COM (Brock Tellier)
Date: Mon, 27 Sep 1999 16:35:50 -0500
We may be missing the point here. This isn't necessarily a nethack or RH 6.0 vulnerability, it is a GNOME vulnerability and nothing more. The "redhat" and "nethack" names were purely for demonstration purposes. If Red Hat is concerned about losing face over an vulnerability like this, perhaps they should consult those who package Mandrake as "Red Hat Linux 6.0 with enhancements" and ship it with /etc/redhat-release. -Brock ----- Original Message ----- From: Matt Wilson <msw () redhat com> To: Brock Tellier <btellier () WEBLEY COM>; <BUGTRAQ () SECURITYFOCUS COM> Sent: Monday, September 27, 1999 4:05 PM Subject: Re: Linux GNOME exploit
On Thu, Sep 23, 1999 at 06:36:18PM -0500, Brock Tellier wrote:... SNIP ...The following exploit should work against any GNOME program, though I tried it on (the irony) /usr/games/nethack, which is SGID root by
default
on RH6.0. An attack on any program will look something like this: [> > [xnec@redhack gnox]$ uname -a; cat /etc/redhat-release; id Linux redhack 2.2.9-19mdk #1 Wed May 19 19:53:00 GMT 1999 i686
unknown
Linux Mandrake release 6.0 (Venus)... SNIP ... It's very important to note that this is _NOT_ Red Hat Linux 6.0. It is Linux Mandrake 6.0. We do not ship nethack in Red Hat Linux. It is included in Powertools, where it has no setuid/gid bits. Matt msw () redhat com
Current thread:
- Linux GNOME exploit Brock Tellier (Sep 23)
- Re: Linux GNOME exploit Alan Cox (Sep 27)
- Re: Linux GNOME exploit Brock Tellier (Sep 27)
- Re: Linux GNOME exploit Matt Wilson (Sep 27)
- Re: Linux GNOME exploit Ron DuFresne (Sep 29)
- Re: Linux GNOME exploit Slackware Security Team (Sep 29)
- Multiple Vendor ARCAD permission problems Brock Tellier (Sep 29)
- Re: Linux GNOME exploit Chmouel Boudjnah (Sep 27)
- <Possible follow-ups>
- Re: Linux GNOME exploit Elliot Lee (Sep 27)
- Re: Linux GNOME exploit Adam Sampson (Sep 28)
- Re: Linux GNOME exploit Thomas Biege (Sep 28)