[4029] in bugtraq
Re: [linux-security] Minicom 1.75 Vulnerability
daemon@ATHENA.MIT.EDU (John Henders)
Mon Feb 10 10:20:26 1997
Date: Mon, 10 Feb 1997 06:15:18 -0800
Reply-To: John Henders <jhenders@BOGON.COM>
From: John Henders <jhenders@BOGON.COM>
X-To: linux-security@redhat.com
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <199702100144.FAA13523@mac.redline.ru>; from Dmitry E. Kim on Feb
10, 1997 05:44:53 +0400
On Feb 10, jason@redline.ru (Dmitry E. Kim) wrote:
>
> well, here is another standard buffer overrun vulnerability, which may
> sometimes lead to root compromise (not always. not in new distributions,
> fortunately). Current Slackware and current RedHat don't install minicom
> suid root, only sgid/uucp, which is not *that* dangerous. But when you
> build minicom from source, it asks you to do "chmod +s" on it.
>
> Summary:
> Vulnerability in minicom allows (certain) local users to obtain group
> "uucp" privileges and, in certain cases, root privileges.
Unless it's changed recently, minicom also requires you to be in a
minicom.users file to use it at all, which alleviates the risk somewhat.
The idea of allowing public users of a system unrestricted access to a
dialout port is pretty scarey on it's own, so I would hope anyone using
minicom would be pretty careful about who was in that file.
--
Artificial Intelligence stands no chance against Natural Stupidity.
GAT d- -p+(--) c++++ l++ u++ t- m--- W--- !v
b+++ e* s-/+ n-(?) h++ f+g+ w+++ y*
