Full Disclosure mailing list archives
Re: some small bugs.
From: Noam Rathaus <noamr () beyondsecurity com>
Date: Mon, 16 Aug 2004 09:13:56 +0300
On Monday 16 August 2004 03:36, you wrote:
On Sun, 15 Aug 2004, Noam Rathaus wrote:#ll -l /usr/bin/X11/dpsinfo -rwxr-xr-x 1 root root 6456 Jul 7 18:07 /usr/bin/X11/dpsinfo symbols found)...(no debugging symbols found)...(no debugging symbols found)... Program received signal SIGSEGV, Segmentation fault. 0x41414141 in ?? () (gdb) bt #0 0x41414141 in ?? () So Debian is also vulnerable, both these binaries come with the xbase-clients package.
Hi, I got numerous answers stating that its not setuid, nor is it worth exploiting since you already have a shell... I didn't post the message to the mailing list stating otherwise, all I wrote that it is probably not a distro related issue (by showing that debian is vulnerable to these problems as well), and that in fact both these files are NOT setuid, allowing no gaining of elevated privileges. That is all ... as the subject says... "some small bugs" -- Thanks Noam Rathaus CTO Beyond Security Ltd. Join the SecuriTeam community on Orkut: http://www.orkut.com/Community.aspx?cmm=44441 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- some small bugs. Gabriele Galadini (Aug 14)
- Re: some small bugs. kf_lists (Aug 14)
- Re: some small bugs. Gabriele Galadini (Aug 15)
- Re: some small bugs. Noam Rathaus (Aug 15)
- Re: some small bugs. Andrew Farmer (Aug 15)
- Re: some small bugs. Ted Unangst (Aug 15)
- Re: some small bugs. Noam Rathaus (Aug 16)
- Re: some small bugs. Jeffrey Denton (Aug 17)
- Re: some small bugs. Valdis . Kletnieks (Aug 17)
- Re: some small bugs. kf_lists (Aug 17)
- Re: some small bugs. Jeffrey Denton (Aug 17)
- Re: some small bugs. Valdis . Kletnieks (Aug 17)
- Re: some small bugs. kf_lists (Aug 14)