[Full-Disclosure] Fw: bug in uml_net

From: GaLiaRePt (galiarept_at_phreaker.net)
Date: 05/23/03

  • Next message: Sir Mordred: "[Full-Disclosure] nessus NASL scripting engine security issues"
    To: "Full Disclosure Mailing List" <full-disclosure@lists.netsys.com>
    Date: Fri, 23 May 2003 23:10:21 +0200
    

    There is a vulnerability in uml_net. The latest version is vulnerable too.
    The problem is the lack of bounds checking in uml_net.c from uml_utilities,
    A possible attack could lead to root compromise on some systems since for
    example uml_net comes suided root in RH 8.0 by default.

    Suggested patch:

    - if(v > CURRENT_VERSION){
    + if ((v > CURRENT_VERSION) || (v < 0)) {

    Contact: ktha@hushmail.com

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: Sir Mordred: "[Full-Disclosure] nessus NASL scripting engine security issues"

    Relevant Pages

    • Re: [Full-disclosure] TCP/IP vulnerability
      ... I have listed some of the vulnerability, but need some good tools to exploit the vulnerability and to perform further analysis. ... Smurf Attack ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
      (Full-Disclosure)
    • Immunix Secured OS 7+ file update
      ... An anonymous reporter has reported to iDEFENSE a vulnerability in file ... that could allow for a root compromise, should root run file on a ... Precompiled binary packages for Immunix 7+ are available at: ...
      (Bugtraq)
    • OpenSSH 2.2.0 - 3.1.0 server contains a locally exploitable buffer overflow
      ... and/or AFS Token passing. ... The vulnerability can lead ... to a root compromise. ... Marcell Fodor ...
      (Vuln-Dev)
    • Re: [fw-wiz] Variations of firewall ruleset bypass via FTP
      ... didn't carry through CERT- While Mikael was nice enough to code up "proof ... instead of the "produce attack code and announce the problem method.) ... but frankly all these folks (indeed also IPF) are his ... I'm willing to admit the risk assessment and the vulnerability ...
      (Firewall-Wizards)
    • RE: how to verify whether an attack attempt is successful?
      ... Certainly the techniques of combining vulnerability assessment data with ... attack information is an excellent way to determine success. ... if its behind an in-line network IPS and there ... play into the accuracy and usefulness of the 'success' metrics your IDS ...
      (Focus-IDS)