Bugtraq mailing list archives

Re: DJB's students release 44 *nix software vulnerability advisories

From: Casper.Dik () Sun COM
Date: Wed, 22 Dec 2004 18:56:18 +0100

/bin/sh exists to run shell commands.  That is the purpose of the 
shell.  NASM, on the other hand, is designed to create object files 
from assembly files.  If NASM starts running arbitrary code on your 
machine, it's doing something unauthorized.  That is a security hole.  
By typing "nasm file.S" you are not intending to authorize the author 
of file.S to take over your account, right?


What other purpose does NASM have other than to compile code
and then, implicitely, run it?

I could buy the argument for a webbrowser or a wordprocessor;
but a assembler or compiler?

Also, could you please show me this shell script you speak of?  All the 
shell scripts I know of that give me root access require me to type the 
root password.   If you have found a way around this, then you are 
correct, "every UNIX system on Earth has a remote hole". :)


Any script which exploits a local security hole would do.

Setting buff[1023] to '\0' is a good idea, since vsnprintf won't do 
that if vsprintf(buff, fmt, args) generates 1024 bytes.


You should have paid better attention in class.

Casper

Current thread:

Re: DJB's students release 44 *nix software vulnerability advisories, (continued)
- Re: DJB's students release 44 *nix software vulnerability advisories Jonathan T Rockway (Dec 21)
  - Re: DJB's students release 44 *nix software vulnerability advisories milw0rm Inc. (Dec 21)
    - Re: DJB's students release 44 *nix software vulnerability advisories Antoine Martin (Dec 21)
    - Re: DJB's students release 44 *nix software vulnerability advisories Chris Paget (Dec 22)
    - Re: DJB's students release 44 *nix software vulnerability advisories Jack Lloyd (Dec 22)
  - Re: DJB's students release 44 *nix software vulnerability advisories Dave Holland (Dec 21)
    - Re: DJB's students release 44 *nix software vulnerability advisories sean (Dec 22)
  - Re: DJB's students release 44 *nix software vulnerability advisories Thor (Dec 21)
  - Re: DJB's students release 44 *nix software vulnerability advisories David F. Skoll (Dec 21)
    - Re: DJB's students release 44 *nix software vulnerability advisories Jonathan Rockway (Dec 22)
    - Re: DJB's students release 44 *nix software vulnerability advisories Casper . Dik (Dec 22)
    - Re: DJB's students release 44 *nix software vulnerability advisories Michal Zalewski (Dec 23)
    - Re: DJB's students release 44 *nix software vulnerability advisories Valdis . Kletnieks (Dec 22)
  - Re: DJB's students release 44 *nix software vulnerability advisories laffer1 (Dec 21)
    - Re: DJB's students release 44 *nix software vulnerability advisories Jonathan Rockway (Dec 22)
  - Re: DJB's students release 44 *nix software vulnerability advisories Stephen Harris (Dec 21)
  - Re: DJB's students release 44 *nix software vulnerability advisories Raymond M. Reskusich (Dec 21)
- RE: DJB's students release 44 *nix software vulnerability advisories Devin Ganger (Dec 21)
- Re: DJB's students release 44 *nix software vulnerability advisories Steven M. Christey (Dec 22)
  - Re: DJB's students release 44 *nix software vulnerability advisories David Wagner (Dec 24)
- Re: DJB's students release 44 *nix software vulnerability advisories Steven M. Christey (Dec 22)

(Thread continues...)