[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 12 Jul 2008 21:38:39 +0200
From: Nico Golde <oss-security+ml@...lde.de>
To: oss-security@...ts.openwall.com
Subject: CVE id request: op
Hi,
op, a replacement for sudo that is used to grant access to
certain root operations to users suffers of a stack based
buffer overflow because of missing bounds check of the
XAUTHORITY variable used if op is configured with
--enable-xauth and op.conf uses the xauth configuration
option. Under a normal installation this tool runs with an
effective user id 0 so it is possible to exploit this and
get more privileges or execute arbitrary code with root
privileges.
Fixed upstream changeset:
http://swapoff.org/changeset/563
Steve, could you assign a CVE id to this?
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - nion@...ber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
