Bugtraq mailing list archives
Re: Advisory: Berkeley pmake
From: Nicolas Gregoire <ngregoire () exaprobe com>
Date: Thu, 22 Nov 2001 09:48:20 +0100
21/11/2001 16:20:05, Paul Starzetz <paul () starzetz de> wrote:
1. Problem description
----------------------
There is a format string bug in the Berkeley's pmake 2.1.33 and below (parallel make) package as well as a buffer overflow problem. Pmake is suid root on various Linux distributions and uses root privileges for binding to low TCP ports. The ordinary format string bug leads to local root compromise on all vulnerable machines.

Default RedHat 7.2 not vulnerable :

[root@box etc]# more /etc/redhat-release
Red Hat Linux release 7.2 (Enigma)
[root@box etc]# uname -a
Linux box 2.4.9-13 #1 Tue Oct 30 20:11:04 EST 2001 i686 unknown
[root@box etc]# ls -l `which pmake`
-rwxr-xr-x 1 root root 95708 aoû 21 12:55 /usr/bin/pmake

pmake isn't SUID root.

Nicolas Grégoire
http://www.exaprobe.com