[2589] in bugtraq


Re: Repost: Security bug in SGI VideoFramer

daemon@ATHENA.MIT.EDU (martinh@mailhost.emap.co.uk)
Thu May 23 13:20:05 1996

Date:         Thu, 23 May 1996 10:03:01 +0000
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: martinh@mailhost.emap.co.uk
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To:  <Pine.SGI.3.91.960514232004.7373A-100000@bifrost>

On Tue, 14 May 1996, Hui-Hui Hu wrote:

> Stardot Networks / Security vulnerability [SDN-2-sgi-videoframer]
>
> PROBLEM. sb_encode is installed setuid in /usr/video/vfr/bin and does not
> check for permissions/ownership. sb_encode takes an IRIS RGB-format image
> file and spits out a VideoFramer format file (.vfr).
>
> REPEAT BY: /usr/video/vfr/bin/sb_encode -o [file-to-overwrite] [iris-image]
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^

> TEMPORARY FIX.
>
> # chmod -s /usr/video/vfr/*

Since the sb_encode program is in a subdirectory of /usr/video/vfr/,
shouldn't the fix be:

# chmod -R -s /usr/video/vfr/*


M.


##################################################################
# Martin Hargreaves (martin@datamodl.demon.co.uk)  Computational #
# Director, Datamodel Ltd                                Chemist #
# Contract Unix system admin/Unix security              Sysadmin #
##################################################################
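
Added example, not part of the original post: a shell check for the point raised above, that a `chmod -s` over `/usr/video/vfr/*` does not descend into `bin/`. It runs against a constructed temporary tree with a placeholder `sb_encode` file; the function names are illustrative, and the `find`-based strip limits itself to regular files so directories are left alone.

```shell
#!/bin/sh
# Constructed demo tree: mirrors the layout in the thread (a setuid file
# one level down, in bin/). Nothing under the real /usr/video is touched.

# List regular files under $1 that still carry the setuid or setgid bit.
list_setid() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) -print
}

# Strip setuid/setgid from regular files only, at any depth under $1.
strip_setid() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) \
        -exec chmod u-s,g-s {} +
}

# Build a stand-in tree and print its path.
make_demo_tree() {
    d=$(mktemp -d) || return 1
    mkdir "$d/bin"
    : > "$d/bin/sb_encode"          # empty placeholder, not the real program
    chmod 4755 "$d/bin/sb_encode"   # setuid bit set, as in the advisory
    printf '%s\n' "$d"
}

demo() {
    root=$(make_demo_tree) || return 1
    # Non-recursive form: the glob matches only bin/ itself, not its contents.
    chmod -s "$root"/* 2>/dev/null
    echo "still setuid after non-recursive chmod -s:"
    list_setid "$root"
    strip_setid "$root"
    echo "still setuid after strip_setid (expect nothing):"
    list_setid "$root"
    rm -rf "$root"
}

demo
```

Running `list_setid` on the real directory before and after a fix confirms whether any setuid or setgid file was missed.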
