[7819] in bugtraq
Re: Buffer overflows in Minicom 1.80.1
daemon@ATHENA.MIT.EDU (Willy TARREAU)
Mon Aug 31 13:48:45 1998
Date: Mon, 31 Aug 1998 09:21:03 +0200
Reply-To: Willy TARREAU <tarreau@AEMIAIF.LIP6.FR>
From: Willy TARREAU <tarreau@AEMIAIF.LIP6.FR>
To: BUGTRAQ@NETSPACE.ORG
>
> I have found some buffer overflows in Minicom 1.80.1 which comes setuid
> root with Slackware 3.5. I known that were discussed some overflows in
> other versions of minicom ( no setuid root) but i think it's "new" and
> more dangerous.
I've tested 1.75 which comes with RH5.0, and it also crashes when
TERM='aaaa....aaa'. Note that it seems to be only setgid uucp, but it's
vulnerable.
Willy
--
+----------------------------------------------------------------------------+
| Willy Tarreau - tarreau@aemiaif.lip6.fr - http://www-miaif.lip6.fr/willy/ |
| System and Network Engineer - NOVECOM - http://novworld.novecom.fr/ |
| Magistere d'Informatique Appliquee de l'Ile de France ( MIAIF ), Year 1997 |
+----------------------------------------------------------------------------+
