Bugtraq mailing list archives
Re: response to the bugtraq report of buffer overruns in imapd LIST command
From: hno () HEM PASSAGEN SE (Henrik Nordstrom)
Date: Tue, 18 Apr 2000 22:15:20 +0200
Mark Crispin wrote:
Last but not least, I am very interested in Kris Kennaway's claim that "It may also be possible to break out of the chroot jail on some platforms." If true, it represents a huge root-level security hole on those platforms. I simply do not believe the claim. I would like to know if there is some substance to this claim, or if it was mere speculation.
If you can get root privilegies inside the jail then breaking out is a trivial matter on most systems. On some systems you might be able to break out without root privilegies if there is a filehandle open to outside the jail. Especially so if there is a filedescriptor to a directory. -- Henrik Nordstrom
Current thread:
- RUS-CERT Advisory 200004-01: GNU Emacs 20, (continued)
- RUS-CERT Advisory 200004-01: GNU Emacs 20 RUS-CERT, University of Stuttgart (Apr 18)
- More vulnerabilities in FP Narrow (Apr 18)
- Re: More vulnerabilities in FP The Cyberiad (Apr 19)
- Re: More vulnerabilities in FP Ron van Daal (Apr 22)
- Re: More vulnerabilities in FP The Cyberiad (Apr 19)
- AVM's Statement eAX [Teelicht] (Apr 19)
- Adtran DoS Mike Ireton (Apr 19)
- FreeBSD Security Advisory: FreeBSD-SA-00:13.generic-nqs FreeBSD Security Officer (Apr 19)
- Re: response to the bugtraq report of buffer overruns in imapd LIST command Warner Losh (Apr 17)
- pwdump2 for Active Directory Todd Sabin (Apr 18)
- Re: response to the bugtraq report of buffer overruns in imapd LIST command Henrik Nordstrom (Apr 18)
- Cooments on the dvwssr.dll vulnerability threads Iván Arce (Apr 17)
- Re: Cooments on the dvwssr.dll vulnerability threads David LeBlanc (Apr 18)
- Last call for extended abstracts - Raid 2000 - Deadline is April 30th Herve Debar (Apr 18)
- Re: response to the bugtraq report of buffer overruns in imapd LIST command Kris Kennaway (Apr 17)