httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Behlendorf <br...@organic.com>
Subject Re: [TEST] changes to bugdb.cgi
Date Mon, 02 Jun 1997 18:23:08 GMT
On Sat, 31 May 1997, Marc Slemko wrote:
> marc@taz:~/gnats/gnats-3.99-beta/gnats$ query-pr -p foo
> adfasfasfasfdasfadfasfasfasfdasdfasfasfasfdasdfasfasfasfdasdfasfasfasfdasdfasfasfasfdasdfasfasfasfdasdfasfasfasfdas
> Segmentation fault (core dumped)
> 
> Since pat is statically allocated, I am quite sure I could turn it into an
> exploit to get a shell.  I'm more worried about such holes in the programs
> that are setuid gnats.

There is a version 3.102 at ftp://ftp.cygnus.com/pub/.  I haven't checked if it
fixes the hole, but if we're going to bitch to them about it (which I think we
definitely should) then we should make sure they're using the most current one.

> BTW, there is nothing preventing anyone with a shell on taz from editing
> PRs is there?

Not that I'm aware of.

Marc or Ken, I'd be happy to give you the password to the gnats user account on
hyperreal, which would give you direct access to configuration and pr db
administration.  

	Brian

--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
brian@organic.com  www.apache.org  hyperreal.com  http://www.organic.com/JOBS


Mime
View raw message