|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: mtr-0.42 is out.
From: Rogier Wolff (R.E.Wolff
BITWIZARD.NL)Date: Sat Mar 04 2000 - 03:04:50 CST
- Next message: Ussr Labs: "con\con is a old thing (anyway is cool)"
- Previous message: Nate Eldredge: "Re: Corel Linux 1.0 dosemu default configuration: Local root vuln"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi everyone,
In response to Viktor's recent publication that mtr might be
vulnerable to an attack because it didn't fully drop root privileges,
mtr-0.42 is now out.
As usual, most of the patch is due to the fact that I upgraded
auto-something.
I'm pretty confident that an attack WAS possible. (Although I don't
know of ANY exploit in curses, gtk or mtr, I'm confident there is one).
The offending seteuid call has been in the source since version 0.20.
I seem to remember that the setuid that we use now caused problems
(i.e. not working or not compiling) on some platforms, however, I have
no record of any version having setuid, so I must be imagining things.
The setuid there is obviously correct, and what was intended in the
first place.
Plug: mtr is a full-screen combination of ping and traceroute, and
works much faster than traceroute.
Roger.
-- ** R.E.Wolff
- Next message: Ussr Labs: "con\con is a old thing (anyway is cool)"
- Previous message: Nate Eldredge: "Re: Corel Linux 1.0 dosemu default configuration: Local root vuln"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]