[17792] in bugtraq
Re: local exploit for linux's Koules1.4 package
daemon@ATHENA.MIT.EDU (Kris Kennaway)
Mon Nov 27 13:17:01 2000
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
protocol="application/pgp-signature"; boundary="fUYQa+Pmc3FrFX/N"
Content-Disposition: inline
Message-Id: <20001124162025.A72704@citusc17.usc.edu>
Date: Fri, 24 Nov 2000 16:20:26 -0800
Reply-To: Kris Kennaway <kris@FREEBSD.ORG>
From: Kris Kennaway <kris@FREEBSD.ORG>
X-To: Guido Bakker <guidob@mainnet.nl>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <00112009101300.24798@guidob>; from guidob@mainnet.nl on Mon,
Nov 20, 2000 at 09:10:13AM +0100
--fUYQa+Pmc3FrFX/N
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
On Mon, Nov 20, 2000 at 09:10:13AM +0100, Guido Bakker wrote:
> First of all I wasn't planning to go and release another ordinary stack
> smash, but I found the setuid game on some wargame/hackme I played on.
> Funny thing was that the exploitability proved to be a bit harder than I
> had anticipated at first.
The FreeBSD xkoules port doesnt install anything setuid or
setgid..therefore not vulnerable.
Kris
--fUYQa+Pmc3FrFX/N
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (FreeBSD)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAjofBckACgkQWry0BWjoQKVujQCgtna9Dgc6R80BMww9F2XBGfWL
zCkAnRrdY5bOVRxRMLTF3qA6YPk2KzXe
=C0c4
-----END PGP SIGNATURE-----
--fUYQa+Pmc3FrFX/N--
