Borland Interbase local root exploit

From: grazer@digit-labs.org
Date: 09/25/02


Date: Wed, 25 Sep 2002 12:05:32 -0700 (PDT)
From: <grazer@digit-labs.org>
To: <submissions@securiteam.com>


Hello,

I've found a bug in the Interbase gds_lock_mgr binary which is shipped
with all versions of the Sun Cobalt RAQ (XTR/4/550 etc.) and is suid by
default.

Borland did not respond to my emails. The exploit is attached.
Note: this is a different bug than the one disclosed by snosoft some weeks ago.

Sincerely yours,

Wouter ter Maat aka grazer





