Re: Can anyone verify a core dump on /sbin/mingetty - FOLLOW UP - Getty also dumping core
From: Przemyslaw Frasunek (venglin@freebsd.lublin.pl)Date: 12/03/01
- Previous message: KF: "Re: core dump on mingetty and getty"
- In reply to: Scott Mackenzie: "Re: Can anyone verify a core dump on /sbin/mingetty - FOLLOW UP - Getty also dumping core"
- Next in thread: jon schatz: "Re: Can anyone verify a core dump on /sbin/mingetty"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Przemyslaw Frasunek <venglin@freebsd.lublin.pl> To: Scott Mackenzie <smackenz@brad.ac.uk>, vuln-dev@securityfocus.com Date: Mon, 3 Dec 2001 21:23:06 +0100
On Monday 03 December 2001 21:07, Scott Mackenzie wrote:
> This problem is positive in the following systems:
> * note there could and probably are more but I've only had word of the
> following systems being tested
What's the point of this overflow? Getty isn't suid and init doesn't call it
with user-controlable arguments. Mgetty on FreeBSD even isn't
world-executable:
-rwx------ 1 root wheel 94732 18 Sty 2001 /usr/local/sbin/mgetty
-- * Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE * * Inet: przemyslaw@frasunek.com ** PGP: D48684904685DF43EA93AFA13BE170BF *
- Previous message: KF: "Re: core dump on mingetty and getty"
- In reply to: Scott Mackenzie: "Re: Can anyone verify a core dump on /sbin/mingetty - FOLLOW UP - Getty also dumping core"
- Next in thread: jon schatz: "Re: Can anyone verify a core dump on /sbin/mingetty"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
