Brandon Bergren writes:
Jim Wilson wrote:
Root? I doubt it. Although, I suppose it _will_ run under root just like
anything else ;-)
Best,
Jim
Moments later, the well-crafted exploit hits the end of the buffer and
makes the jump to kernel space.
(reminds me of Unix Wars ;)
Slashdot reports that CVS versions 1.11.4 and lower can grant root access to
malicious remote users. They advise anyone running a cvs server to upgrade to
1.11.5 ASAP. You have been warned.
Bernie
http://developers.slashdot.org/developers/03/01/21/1752251.shtml?tid=128
Bernie Bright [EMAIL PROTECTED] said:
Slashdot reports that CVS versions 1.11.4 and lower can grant root access to
malicious remote users. They advise anyone running a cvs server to upgrade to
1.11.5 ASAP. You have been warned.
Root? I doubt it. Although, I suppose it _will_ run under
On Wed, 22 Jan 2003, Jim Wilson wrote:
Root? I doubt it. Although, I suppose it _will_ run under root just like
anything else ;-)
Experience in this field tells me that a nobody compromise usually is as
bad as a root compromise :-)
Cheers,
-- Bert
--
Bert Driehuis