* --[ background * * BitchX contains an local exploitable Buffer Overflow condition. * Sometimes it is installed setUID to allow non-root users SSL * access for example and therfore it could be used by a mallicious * local user, to obtain root access. This code demonstrates the * described vulnerability and can be used to verify the bug on * your system(s). */
I have never, ever seen BitchX installed suid, and there's no reason it would be. SSL clients work just fine without suid.
PGP.sig
Description: This is a digitally signed message part
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
