Re: Slrnpull Buffer Overflow (-d parameter)

[Bill Nottingham <notting () redhat com>]

Alex Hernandez (alex_hernandez () ureach com) said: 
> Linux RH.6.2 Sparc64 and below versions.

On Red Hat Linux 6.2 for sparc:

# ls -l /usr/bin/slrnpull
-rwxr-s---    1 news     news        48688 Feb  7  2000 /usr/bin/slrnpull 
# rpm -q slrn-pull
slrn-pull-0.9.6.2-4

With all updates applied:

# ls -l /usr/bin/slrnpull
-rwxr-s---    1 root     news        55456 Mar  1  2001 /usr/bin/slrnpull
# rpm -q slrn-pull
slrn-pull-0.9.6.4-0.6

Hence, while you may be able to get group news, the program is only
runnable by group news. So, I don't think there are any security
implications here.

Bill