Re: cxterm buffer overrun

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Mike Neuman: "Re: Reminder for irix ppl"
• Previous message: David Hyams: "Re: potential root exploit with help from sam (HP-UX 10.x)"
• Maybe in reply to: Aleph One: "cxterm buffer overrun"

> ---------- Forwarded message ----------
> Date: Wed, 14 May 1997 09:30:19 -0700
> From: Ming Zhang <mzhang@softcom.net>
> Reply-To: linux-security@redhat.com
> To: linux-security@redhat.com
> Subject: [linux-security] cxterm buffer overrun
>
> cxterm is a Chinese terminal emulator for the X Window System.
> It's installed as suid-root by default if you did a make install.
> Just like xterm, it does needs to be suid to update
> /etc/utmp...blahblah...
>
> I discovered some buffer overflow bugs in it. The code
> attached below is the exploit.
>
> Quick fix? chmod -s /path/cxterm
>
This bug exits in color_xterm
I tested exploit on Slackware 3.1 and it work
leto@arrakis.cs.put.poznan.pl

• Next message: Mike Neuman: "Re: Reminder for irix ppl"
• Previous message: David Hyams: "Re: potential root exploit with help from sam (HP-UX 10.x)"
• Maybe in reply to: Aleph One: "cxterm buffer overrun"