The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


Possible root exploit in Linux povray


<< Previous INDEX Search src Set bookmark Go to bookmark Next >>
Date: Tue, 28 Jul 1998 21:57:18 -0600
From: Luke <[email protected]>
To: [email protected]
Subject: Possible root exploit in Linux povray

In the official (3.02) release of povray for linux, the s-povray binary
must be installed suid root to function (complains about not being able to
open /dev/console without it).  Giving a large filename:

$ s-povray -I`perl -e "print 'A'x1000"`

results in segfault.  Glancing over the code reveals a lot of strcpy()'s
and strcat()'s.  Dunno, need sleep now, work on exploit later if have time :)

Luke

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей
Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру