[20228] in bugtraq


BubbleMon 1.31

daemon@ATHENA.MIT.EDU (Christer Öberg)
Mon Apr 16 14:04:46 2001

MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID:  <3ADA2AF5.7AA7A8DF@imthere.com>
Date:         Mon, 16 Apr 2001 01:12:53 +0200
Reply-To: Christer Öberg <dim@IMTHERE.COM>
From: Christer Öberg <dim@IMTHERE.COM>
To: BUGTRAQ@SECURITYFOCUS.COM

VULNERABILITY DESCRIPTION

  Users can execute programs/shellscript by clicking on the bubblemon app.
  bubblemon is installed sgid kmem on FreeBSD and does not drop its egid
  before executing programs.

VERSIONS AFFECTED

  All versions of BubbleMon up to 1.32 installed on FreeBSD.

EXAMPLE
  $ id
  uid=1000(christer) gid=1000(christer) groups=1000(christer)
  $ bubblemon id
  uid=1000(christer) gid=1000(christer) egid=2(kmem) groups=2(kmem), 1000(christer)

FIX
  Get the new fixed version BubbleMon 1.32 from
  http://www.ne.jp/asahi/linux/timecop
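
The missing step described above (dropping the effective group ID before executing a user-supplied program), as an added example that is not part of the original post and is not BubbleMon's code. The names `drop_sgid` and `run_as_invoker` are hypothetical, and `setresgid`/`getresgid` are assumed to be available (glibc on Linux, current FreeBSD).

```c
#define _GNU_SOURCE           /* exposes setresgid/getresgid on glibc */
#include <stdlib.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Permanently reset the real, effective and saved GID to the invoking
 * user's real GID, then read them back. Returns 0 on success, -1 on failure. */
int drop_sgid(void)
{
    gid_t r, e, s, gid = getgid();

    if (setresgid(gid, gid, gid) != 0)
        return -1;
    /* Do not rely on the return value alone: verify the resulting IDs. */
    if (getresgid(&r, &e, &s) != 0 || r != gid || e != gid || s != gid)
        return -1;
    return 0;
}

/* Hypothetical launcher: run cmd through /bin/sh with the group privilege
 * dropped in the child only, so the parent keeps its sgid access.
 * Returns the command's exit status, or -1 on error. */
int run_as_invoker(const char *cmd)
{
    int status;
    pid_t pid = fork();

    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (drop_sgid() != 0)
            _exit(126);                 /* refuse to exec while privileged */
        execl("/bin/sh", "sh", "-c", cmd, (char *)NULL);
        _exit(127);                     /* exec itself failed */
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    /* In a sgid binary, "id" run this way reports no egid= entry. */
    return run_as_invoker("id") == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
}
```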
