[14198] in bugtraq
Re: Corel Linux 1.0 dosemu default configuration: Local root vuln
daemon@ATHENA.MIT.EDU (VaMPiRe, WHiTe)
Tue Mar 7 10:18:21 2000
Mail-Followup-To: bugtraq@securityfocus.com
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="vOmOzSkFvhd7u8Ms"
Message-Id: <20000303025417.C1413@nirvana.projectgamma.com>
Date: Fri, 3 Mar 2000 02:54:17 -0500
Reply-To: whitevampire@mindless.com
From: "VaMPiRe, WHiTe" <whitvamp@MINDLESS.COM>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <200003020436.PAA20168@jawa.chilli.net.au>; from suid@SUID.KG on
Thu, Mar 02, 2000 at 04:47:11AM +0000
--vOmOzSkFvhd7u8Ms
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
On Thu, Mar 02, 2000 at 04:47:11AM +0000, suid@SUID.KG(suid@SUID.KG) wrote:
<snip>
: Summary:
:=20
: Local users can take advantage of a packaging and configuration
: error (which has been known and documented for a long time) to
: execute arbitrary commands as root.
:=20
: We see from the doc/README/SECURITY file as well as
: http://www.dosemu.org/docs/README/0.98/README-3.html
: written in 1997 that this configuration is bad.
<snip>
Tested default configuration of dosemu on Slackware 7.0, no
vulnerability.
Regards,
--=20
__ ______ ____
/ \ / \ \ / / WHiTe VaMPiRe\Rem
\ \/\/ /\ Y / whitevampire@mindless.com
\ / \ / http://www.projectgamma.com/
\__/\ / \___/ http://www.gammaforce.org/
\/ "Silly hacker, root is for administrators."
--vOmOzSkFvhd7u8Ms
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.1
iQA/AwUBOL9vp9/q8ZpxA8pfEQKkdwCgwh68tX6NWe21l9JLkhIb3JEtAn4AnAtR
Frbg9nvoZiReJxpso6qhQu2w
=D8oK
-----END PGP SIGNATURE-----
--vOmOzSkFvhd7u8Ms--
