[3230] in bugtraq
Re: Possible bufferoverflow condition in lpr, xterm and xload
daemon@ATHENA.MIT.EDU (Nick Andrew)
Tue Aug 20 21:29:33 1996
Date: Wed, 21 Aug 1996 10:44:43 +1000
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: Nick Andrew <nick@zeta.org.au>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: <4vdb11$ft9@fludd.myrus> from "Zygo Blaxell" at Aug 20,
96 05:34:25 pm
Forwarding a message from Zygo Blaxell:
> Not that this is a significant benefit...if you're not root, writing to
> a file automatically turns off the set[ug]id bit.
It's a denial of service attack. but a fairly minor one.
Nick.
--
Kralizec Dialup Internet System Data: +61-2-9837-1183, 9837-1868
Zeta Microcomputer Software Fax: +61-2-9837-3753 Voice: 9837-1397
P.O. Box 177, Riverstone NSW 2765 http://www.kralizec.net.au/
