Linux GNOME exploit



I received the following report of an exploitable buffer overflow in
one of the Gnome libraries in this morning's Bugtraq feed.  I thought
that I'd pass it along, as this should clearly get resolved before the
upcoming stable Gnome release.

-- John Kodis.

----- Forwarded message from Brock Tellier <btellier@WEBLEY.COM> -----

Greetings,

    Virtually any program using the GNOME libraries is vulnerable to a
buffer overflow attack.  The attack comes in the form:

/path/to/gnome/prog --enable-sound --espeaker=$80bytebuffer

The following exploit should work against any GNOME program, though I
tried it on (the irony) /usr/games/nethack, which is SGID root by default
on RH6.0.  An attack on any program will look something like this:

[ Exploit code snipped in the interest of brevity.  It's in the
  Bugtraq archive if you're really curious. ]

----- End forwarded message -----
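
As an added illustration (not code from the GNOME libraries or from the Bugtraq post): one way a program can reject an oversized `--espeaker=` value before it is copied into a fixed-size buffer. The helper name `get_espeaker`, the 64-byte capacity and the allowed character set are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>

/* Assumed capacity; the report does not state the real buffer size. */
#define ESPEAKER_MAX 64
#define ALLOWED "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-:"

enum { ESP_OK = 0, ESP_ABSENT = 1, ESP_TOO_LONG = -1, ESP_BAD_CHAR = -2 };

/* Hypothetical helper: find --espeaker=VALUE in argv and copy VALUE into out
 * only if it fits (terminating NUL included) and looks like host[:port]. */
static int get_espeaker(int argc, char *const argv[], char *out, size_t outlen)
{
    static const char opt[] = "--espeaker=";
    const size_t optlen = sizeof(opt) - 1;

    if (outlen == 0)
        return ESP_TOO_LONG;
    out[0] = '\0';                      /* never leave out uninitialised */

    for (int i = 1; i < argc; i++) {
        if (strncmp(argv[i], opt, optlen) != 0)
            continue;
        const char *val = argv[i] + optlen;
        size_t len = strlen(val);       /* length is caller-controlled */
        if (len >= outlen)
            return ESP_TOO_LONG;        /* reject; do not truncate silently */
        if (strspn(val, ALLOWED) != len)
            return ESP_BAD_CHAR;
        memcpy(out, val, len + 1);      /* bounded: len + 1 <= outlen */
        return ESP_OK;
    }
    return ESP_ABSENT;
}

int main(int argc, char **argv)
{
    char host[ESPEAKER_MAX];
    int rc = get_espeaker(argc, argv, host, sizeof host);
    if (rc < 0) {
        fprintf(stderr, "invalid --espeaker value\n");
        return 2;
    }
    printf("espeaker: %s\n", rc == ESP_OK ? host : "(default)");
    return 0;
}
```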


