GV vulnerable to buffer exploit

To: debian-security@lists.debian.org, Marco Pistore <pistore@debian.org>
Subject: GV vulnerable to buffer exploit
From: Javier Fernandez-Sanguino Peña <jfernandez@sgi.es>
Date: Thu, 28 Sep 2000 15:55:52 +0200
Message-id: <[🔎] 39D34DE8.12C0DF23@sgi.es>

	I have just tested this on a Debian 2.2 box and works (save for gv not being
setuid). It seems that gv is vulnerable to a buffer overrun exploit which might
make it dump out to a shell. 
	More information available at
http://216.204.66.95/archive/exploits/09_00/%5bCODE.13.09.00%5d.linux-gv.c
	Version tested: 3.5.8

	This might be already known but I have not seen it in the lists previously, if
it is known please disregard this.

	
	Regards

	Javi

begin:vcard 
n:Fernández-Sanguino Peña;Javier
tel;fax:+34-91 806 46 41
tel;work:+34-91 806 46 40
x-mozilla-html:FALSE
org:SGI-GMV sistemas;Seguridad Lógica
adr:;;Sector Foresta 1;Tres Cantos;Madrid;E-28760;Spain
version:2.1
email;internet:jfernandez@sgi.es
x-mozilla-cpt:;28448
fn:Javier Fernández-Sanguino Peña
end:vcard

Reply to:

Prev by Date: Debian Security Advisory for esound
Next by Date: debian-security: Is RSA/DES part of any linux library
Previous by thread: Debian Security Advisory for esound
Next by thread: debian-security: Is RSA/DES part of any linux library
Index(es):
- Date
- Thread