Full Disclosure mailing list archives
Re: Re: HTML Help API - Privilege Escalation
From: Valdis.Kletnieks () vt edu
Date: Fri, 24 Oct 2003 16:41:45 -0400
On Fri, 24 Oct 2003 20:08:24 +0200, Sebastian Niehaus <killedbythoughts () mindcrime net> said:
Well, if you have a programm to be run in suid mode, every Unix admin should be alerted. They are used to review the source code of this kind of stuff.
When was the last time you audited the source for 'ping' or 'traceroute'? Is there *anybody* qualified to do an audit of /usr/X11R6/bin/XFree86?
Attachment:
_bin
Description:
Current thread:
- HTML Help API - Privilege Escalation Brett Moore (Oct 24)
- Re: HTML Help API - Privilege Escalation KF (Oct 24)
- Re: HTML Help API - Privilege Escalation Sebastian Niehaus (Oct 24)
- Re: Re: HTML Help API - Privilege Escalation KF (Oct 24)
- Re: Re: HTML Help API - Privilege Escalation security snot (Oct 24)
- Re: Re: HTML Help API - Privilege Escalation KF (Oct 24)
- Re: Re: HTML Help API - Privilege Escalation security snot (Oct 26)
- Re: HTML Help API - Privilege Escalation Sebastian Niehaus (Oct 24)
- Re: HTML Help API - Privilege Escalation KF (Oct 24)
- Re: Re: HTML Help API - Privilege Escalation Valdis . Kletnieks (Oct 24)