[21927] in bugtraq
Re: top format string bug exploit code (exploitable)
daemon@ATHENA.MIT.EDU (Joe Warren-Meeks)
Fri Jul 27 12:13:30 2001
Date: Fri, 27 Jul 2001 11:45:13 +0100
From: Joe Warren-Meeks <joe@hole-in-the.net>
To: bugtraq@securityfocus.com
Message-ID: <20010727114513.A26312@hole-in-the.net>
Reply-To: joe@hole-in-the.net
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <Pine.NEB.4.33.0107251717271.16903-100000@localhost>; from abs@formula1.com on Wed, Jul 25, 2001 at 05:18:42PM +0100
On Wed, Jul 25, 2001 at 05:18:42PM +0100, David Brownlee scribed:
> > possible to get kmem priviledge in the XXXXBSD which is still not patched,
> > possible to get root priviledge in solaris .
>
> As regards NetBSD: I don't know about earlier versions, but 1.5
> and later will be safe from this (or any other top exploit) as
> the binary is not setid.
joe@black:/home/joe $ uname -a
OpenBSD black 2.9 Black#0 i386
joe@black:/home/joe $ ls -las /usr/bin/top
36 -r-xr-xr-x 1 root bin 36864 Jun 23 16:41 /usr/bin/top
joe@black:/home/joe $
-- joe.
