[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] /usr/bin/Mail buffer overflow
- Subject: Re: [cobalt-security] /usr/bin/Mail buffer overflow
- From: Gossi The Dog <gossi@xxxxxxxxxxxxxx>
- Date: Sun, 4 Mar 2001 10:30:53 +0000 (GMT)
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Sat, 3 Mar 2001, Stephen Rice wrote:
> -----Original Message-----
> From: Gossi The Dog <gossi@xxxxxxxxxxxxxx>
> Date: 03 March 2001 19:32
> Subject: [cobalt-security] /usr/bin/Mail buffer overflow
>
>
> >Theres a buffer overflow on all Cobalt RaQs, most probably other Cobalt
> >products also, in /usr/bin/Mail.
>
> Given that all this achieves is crashing a program that runs under your own
> user ID, where is the security risk?
>
> Buffer overflows may allow you to execute arbritrary code, but as the
> program runs as yourself (it is not setuid), you still can't run code
> as another user, so it's not really much of an "exploit" is it?
Doh.
Guess who hadn't realised that... Under Debian and Slackware its suid
root/mail, appears under Redhat 5.2 onwords (and so Cobalt OS) that was
changed.