[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] /usr/bin/Mail buffer overflow

Subject: Re: [cobalt-security] /usr/bin/Mail buffer overflow
From: Gossi The Dog <gossi@xxxxxxxxxxxxxx>
Date: Sun, 4 Mar 2001 10:30:53 +0000 (GMT)
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

On Sat, 3 Mar 2001, Stephen Rice wrote:

> -----Original Message-----
> From: Gossi The Dog <gossi@xxxxxxxxxxxxxx>
> Date: 03 March 2001 19:32
> Subject: [cobalt-security] /usr/bin/Mail buffer overflow
>
>
> >Theres a buffer overflow on all Cobalt RaQs, most probably other Cobalt
> >products also, in /usr/bin/Mail.
>
> Given that all this achieves is crashing a program that runs under your own
> user ID, where is the security risk?
>
> Buffer overflows may allow you to execute arbritrary code, but as the
> program runs as yourself (it is not setuid), you still can't run code
> as another user, so it's not really much of an "exploit" is it?

Doh.

Guess who hadn't realised that...  Under Debian and Slackware its suid
root/mail, appears under Redhat 5.2 onwords (and so Cobalt OS) that was
changed.

References:
- Re: [cobalt-security] /usr/bin/Mail buffer overflow
  - From: Stephen Rice

Prev by Date: Re: [cobalt-security] /usr/bin/Mail buffer overflow
Next by Date: Re: [cobalt-security] [RaQ3]Open ports
Previous by thread: Re: [cobalt-security] /usr/bin/Mail buffer overflow
Next by thread: [cobalt-security] [RaQ3]Open ports

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index