[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#2147: rxvt security hole

This has been fixed in rxvt-2.10-2


(note my reply address is corrupt, mail to andrew@it.com.au)

______________________________ Reply Separator _________________________________
Subject: Bug#2147: rxvt security hole
Author:  "jas1"@torvalds.ultranet.com@INTERNET@MAILGW at DECPostmaster
Date:    16/1/96 6:36 PM

Package: rxvt
Version: 2.10-1

    There is a very serious bug that can grant root access through the
use of a suid root rxvt.  The affected program is included in both
the development and stable releases.  I tried it on my system and it took less
than one minute to gain root access from a normal user account.

--- Begin Message ---
Return-path: debian-devel-request
Received: from atdgateway.atd.cra.com.au by mailgw.minenco.cra.com.au
 (PMDF V5.0-3 #14022) id <01I036HO1BWW0001FR@mailgw.minenco.cra.com.au> for
 andrew.howell@hi.cra.com.au; Tue, 16 Jan 1996 18:36:20 +1100
Received: from kryten.it.com.au ([]) by atdgateway.atd.cra.com.au
 with SMTP; Tue, 16 Jan 1996 18:05:34 +1100 (EST)
Received: by kryten.it.com.au id m0tc5SS-000AZeC
 (Debian /\oo/\ Smail3.1.29.1 #29.35); Tue, 16 Jan 96 15:05 WST
Received: from mongo.pixar.com ([]) by kryten.it.com.au with smtp
 id m0tc5SF-000AZcC (Debian /\oo/\ Smail3.1.29.1 #29.35); Tue,
 16 Jan 96 15:05 WST
Received: by mongo.pixar.com (8.7.1) id XAA09418; Mon,
 15 Jan 1996 23:03:33 -0800 (PST)
Resent-date: Tue, 16 Jan 1996 07:03:02 +0000 (GMT)
Resent-from: jas1@torvalds.ultranet.com (Jeff Senecal)
Resent-sender: andrew@mailgw.minenco.cra.com.au (Andrew Howell)
Resent-sender: debian-devel-request@Pixar.com
Resent-to: debian-devel@Pixar.com
Resent-message-id: <debian-bugs-handler.2147.B01160657100@pixar.com>
X-Mailer: ELM [version 2.4 PL24 PGP2]
Precedence: list
Old-Return-Path: <iwj10@cus.cam.ac.uk>
X-Debian-Pr-Package: rxvt
X-Mailing-List: <debian-devel@Pixar.com> archive/latest/9165
X-Loop: debian-devel@Pixar.com

--- End Message ---

Reply to: