[15066] in bugtraq
Buffer Overflow in fdmount (fwd)
daemon@ATHENA.MIT.EDU (Patrick J. Volkerding)
Fri May 26 00:44:09 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.4.21.0005251849250.2815-100000@fuzzy.slackware.com>
Date: Thu, 25 May 2000 18:49:30 -0700
Reply-To: "Patrick J. Volkerding" <volkerdi@SLACKWARE.COM>
From: "Patrick J. Volkerding" <volkerdi@SLACKWARE.COM>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
---------- Forwarded message ----------
Date: Thu, 25 May 2000 17:12:46 -0700 (PDT)
From: Slackware Security Team <security@slackware.com>
To: slackware-security@slackware.com
Subject: Buffer Overflow in fdmount
fdmount vulnerability
---------------------
The fdmount program shipped with Slackware has been shown to be vulnerable to
a buffer overflow exploit. A user must be in the "floppy" group to execute
fdmount, but because fdmount is suid root this is a security problem.
A patched fdmount which replaces the offending sprintf() call with a
vsnprintf() (thus closing the hole and eliminating the security risk) has been
posted in an updated floppy.tgz package in Slackware-current. Please download
the new floppy.tgz and run upgradepkg on it.
ftp://ftp.slackware.com/pub/slackware/slackware-current/slakware/a1/floppy.tgz
- Slackware Security Team
security@slackware.com
