Date: Sat, 12 Apr 2008 20:32:36 +0100
From: Steve Kemp <steve@...ve.org.uk>
To: oss-security@...ts.openwall.com
Cc: coley@...re.org
Subject: CVE request: tss <= 0.8.1-3: arbitrary file reading

Due to a lack of permissions checking or privilege reduction, the
setuid(0) binary tss allows local users to read arbitrary files upon
the local system.

Sample "exploit" is:

  skx@...d:~$ tss -a /etc/shadow

This opens up a console-based screen-saver displaying the animated
contents of the shadow-file.

Reference:

  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475747

Steve
-- 
Debian GNU/Linux System Administration
http://www.debian-administration.org/
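The missing "privilege reduction" the post refers to, sketched as an added example that is not part of the original message and is not code from tss: a set-user-ID root program permanently drops to the invoking user's IDs before it opens a path taken from the command line. The function names `drop_privileges` and `open_as_invoker` are hypothetical.

```c
/* Added example, not tss source. Assumes the binary is set-user-ID root,
 * as described in the post, so setuid() resets real, effective and saved IDs. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Permanently give up set-user-ID/set-group-ID privileges.
 * Returns 0 on success, -1 if the drop failed or could be undone. */
int drop_privileges(void)
{
    uid_t uid = getuid();   /* real IDs identify the invoking user */
    gid_t gid = getgid();

    /* Group first: after the UID drop we may no longer change the GID. */
    if (setgid(gid) != 0 || setuid(uid) != 0)
        return -1;

    /* Verify: a non-root invoker must not be able to get root back. */
    if (uid != 0 && setuid(0) == 0)
        return -1;
    if (geteuid() != uid || getegid() != gid)
        return -1;
    return 0;
}

/* Open a user-supplied path with the invoker's own permissions only. */
int open_as_invoker(const char *path)
{
    if (drop_privileges() != 0)
        return -1;          /* fail closed: never open while privileged */
    return open(path, O_RDONLY);
}

int main(int argc, char **argv)
{
    if (argc != 2) {
        fprintf(stderr, "usage: %s FILE\n", argv[0]);
        return 2;
    }
    int fd = open_as_invoker(argv[1]);
    if (fd < 0) {
        fprintf(stderr, "%s: %s\n", argv[1], strerror(errno));
        return 1;
    }
    close(fd);
    return 0;
}
```

With the drop in place, the kernel's ordinary permission check on `open()` decides whether the invoker may read the file, so a path such as /etc/shadow is refused for an unprivileged user.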