[6742] in bugtraq
Re: Overflows in minicom
daemon@ATHENA.MIT.EDU (Tiago F P Rodrigues)
Mon May 11 18:22:58 1998
Date: Mon, 11 May 1998 12:32:02 +0200
Reply-To: Tiago F P Rodrigues <11108496@LIS.ULUSIADA.PT>
From: Tiago F P Rodrigues <11108496@LIS.ULUSIADA.PT>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <19980510174903.08997@fan.nb.ca>

On Sun, 10 May 1998, William Burrow wrote:
> On Sat, May 09, 1998 at 09:48:55PM +0200, Tiago F P Rodrigues wrote:
> > It seems minicom (distributed with slak3.4) has some overflow
> > vulnerabilities, namely in the '-p' switch and when you pick a config
> > file on the arguments. (a strcpy and a sprintf)
> ...
> > If this is new, I may post an exploit if prompted to.
>
> What kind of exploit will you be able to get? Minicom is setgid uucp on
> my system, the worst you can do is upset UUCP operations, which don't happen
> here anyway, or possibly change the permissions on the dev file. System
> is Slack 3.2.
>
True enough, minicom is only sgid uucp in the latest RedHat & Slackware
releases, though keep in mind that if you rebuild minicom from source it will
install it setuid root by default.
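
The report quoted above names a strcpy and a sprintf fed from command-line arguments (the '-p' switch and the config file name). As an added example, not minicom's code and not from the thread, here are length-checked replacements for those two calls that refuse an over-long argument instead of truncating it; the function names, the buffer sizes and the "rc.<name>" path layout are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Bounded stand-in for strcpy(dst, arg) on a '-p' style argument.
 * Returns 0 on success, -1 if arg (plus its NUL) does not fit in dst. */
int copy_port_arg(char *dst, size_t dstlen, const char *arg)
{
    size_t n;

    if (dst == NULL || arg == NULL || dstlen == 0)
        return -1;
    n = strlen(arg);
    if (n >= dstlen) {            /* would overflow: reject, never truncate */
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, arg, n + 1);      /* n + 1 copies the terminating NUL */
    return 0;
}

/* Bounded stand-in for sprintf(dst, "%s/rc.%s", dir, name).
 * The "rc.<name>" layout is constructed for this example.
 * Returns 0 on success, -1 if the formatted path does not fit. */
int build_config_path(char *dst, size_t dstlen, const char *dir, const char *name)
{
    int n;

    if (dst == NULL || dir == NULL || name == NULL || dstlen == 0)
        return -1;
    n = snprintf(dst, dstlen, "%s/rc.%s", dir, name);
    if (n < 0 || (size_t)n >= dstlen) {   /* snprintf reports the needed length */
        dst[0] = '\0';
        return -1;
    }
    return 0;
}

int main(int argc, char **argv)
{
    char port[64], path[128];     /* assumed sizes, not minicom's */

    if (argc < 3 || copy_port_arg(port, sizeof port, argv[1]) != 0 ||
        build_config_path(path, sizeof path, "/etc", argv[2]) != 0) {
        fprintf(stderr, "missing or over-long argument\n");
        return 1;
    }
    printf("port=%s config=%s\n", port, path);
    return 0;
}
```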