From: Christer Öberg (dimIMTHERE.COM)
Date: Sun Apr 15 2001 - 18:12:53 CDT


    VULNERABILITY DESCRIPTION

      Users can execute programs/shell scripts by clicking on the bubblemon app.
      bubblemon is installed sgid kmem on FreeBSD and does not drop its egid
      before executing programs.

    VERSIONS AFFECTED

      All versions of BubbleMon up to 1.32 installed on FreeBSD.

    EXAMPLE
      $ id
      uid=1000(christer) gid=1000(christer) groups=1000(christer)
      $ bubblemon id
      uid=1000(christer) gid=1000(christer) egid=2(kmem) groups=2(kmem), 1000(christer)

    FIX
      Get the new fixed version BubbleMon 1.32 from
    http://www.ne.jp/asahi/linux/timecop