|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: Remote buffer overflow in gnomeicu 0.93
From: Roman Shterenzon (roman
xpert.com)Date: Sun Oct 29 2000 - 12:00:32 CST
- Next message: Max Khon: "chpass advisory"
- Previous message: Jan Knepper: "ipfw reference"
- Next in thread: Jacques A. Vidrine: "Re: Remote buffer overflow in gnomeicu 0.93"
- Reply: Jacques A. Vidrine: "Re: Remote buffer overflow in gnomeicu 0.93"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Sun, 29 Oct 2000, Jeremy Norris wrote:
> Gnomeicu doesn't run with any privelege however, unless one is foolish enough
> to run it as root. At worse, a deviant person could crash it and gain access as
> an unprivleged user. Is thate enough to make a port FORBIDDEN?
It's a serious security breach, like giving someone to login as you
without a password. That's exactly the same. Seems like a very serious
problem to me.
It's just a matter of time when the attacker will elevate her priveledges.
> Jeremy
>
> On Sun, Oct 29, 2000 at 01:38:30AM +0200, Roman Shterenzon wrote:
> > On Sat, 28 Oct 2000, Jeremy Norris wrote:
> >
> > > I would think this would be a problem with all icq clients, since icq opens up
> > > a tcp port by default. Gnomeicu at least, however, lets you pick what port.
> > >
> > > Jeremy
> > But, gnomeicu is the only one I've seen that crashes when sent too much
> > data on that port.
> > That's security breach.
> >
> > > On Sat, Oct 28, 2000 at 12:46:08AM +0200, Roman Shterenzon wrote:
> > > > Hi,
> > > >
> > > > Yesterday, running sockstat I noticed that openicu listens on TCP port 4000.
> > > > I was curious so I fed it with some zeroes from /dev/zero, and, it crashed
> > > > like a charm. I'm suspecting buffer overflow which may allow an intruder
> > > > to receive a shell on victim's machine.
> > > > Looking at code advises that the port can be chosen from 4000-4100 range.
> > > > I believe it needs to be checked and the port marked as FORBIDDEN meanwhile.
> > > > Sorry if it's false alarm.
> > > >
> > > > --Roman Shterenzon, UNIX System Administrator and Consultant
> > > > [ Xpert UNIX Systems Ltd., Herzlia, Israel. Tel: +972-9-9522361 ]
> > > >
> > > >
> > > > To Unsubscribe: send mail to majordomoFreeBSD.org
> > > > with "unsubscribe freebsd-ports" in the body of the message
> > >
> >
> > --Roman Shterenzon, UNIX System Administrator and Consultant
> > [ Xpert UNIX Systems Ltd., Herzlia, Israel. Tel: +972-9-9522361 ]
> >
> >
> >
> > To Unsubscribe: send mail to majordomoFreeBSD.org
> > with "unsubscribe freebsd-ports" in the body of the message
>
--Roman Shterenzon, UNIX System Administrator and Consultant
[ Xpert UNIX Systems Ltd., Herzlia, Israel. Tel: +972-9-9522361 ]
To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Next message: Max Khon: "chpass advisory"
- Previous message: Jan Knepper: "ipfw reference"
- Next in thread: Jacques A. Vidrine: "Re: Remote buffer overflow in gnomeicu 0.93"
- Reply: Jacques A. Vidrine: "Re: Remote buffer overflow in gnomeicu 0.93"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]