subject:"\[Flightgear\-devel\] Remote root exploit found in CVS"

Re: [Flightgear-devel] Remote root exploit found in CVS

2003-01-27 Thread Curtis L. Olson

Brandon Bergren writes:
 Jim Wilson wrote:
  Root?  I doubt it.  Although, I suppose it _will_ run under root just like
  anything else ;-)
  
  Best,
  
  Jim
 
 Moments later, the well-crafted exploit hits the end of the buffer and 
 makes the jump to kernel space.
 
 (reminds me of Unix Wars ;)

I've got one machine that no one will ever crack.  It's currently
powered off, never had a net connection, and buried 2 miles under the
surface of the earth in solid concrete.  See, there it is, all safe
and sou... hey, what the ... ?!?

Curt.
-- 
Curtis Olson   IVLab / HumanFIRST Program   FlightGear Project
Twin Cities[EMAIL PROTECTED]  [EMAIL PROTECTED]
Minnesota  http://www.menet.umn.edu/~curt   http://www.flightgear.org

___
Flightgear-devel mailing list
[EMAIL PROTECTED]
http://mail.flightgear.org/mailman/listinfo/flightgear-devel

[Flightgear-devel] Remote root exploit found in CVS

2003-01-21 Thread Bernie Bright

Slashdot reports that CVS versions 1.11.4 and lower can grant root access to
malicious remote users.  They advise anyone running a cvs server to upgrade to
1.11.5 ASAP.  You have been warned.

Bernie

http://developers.slashdot.org/developers/03/01/21/1752251.shtml?tid=128

___
Flightgear-devel mailing list
[EMAIL PROTECTED]
http://mail.flightgear.org/mailman/listinfo/flightgear-devel

Re: [Flightgear-devel] Remote root exploit found in CVS

2003-01-21 Thread Jim Wilson

Bernie Bright [EMAIL PROTECTED] said:

 Slashdot reports that CVS versions 1.11.4 and lower can grant root access to
 malicious remote users.  They advise anyone running a cvs server to upgrade to
 1.11.5 ASAP.  You have been warned.
 

Root?  I doubt it.  Although, I suppose it _will_ run under root just like
anything else ;-)

Best,

Jim

___
Flightgear-devel mailing list
[EMAIL PROTECTED]
http://mail.flightgear.org/mailman/listinfo/flightgear-devel

Re: [Flightgear-devel] Remote root exploit found in CVS

2003-01-21 Thread Bert Driehuis

On Wed, 22 Jan 2003, Jim Wilson wrote:

 Root?  I doubt it.  Although, I suppose it _will_ run under root just like
 anything else ;-)

Experience in this field tells me that a nobody compromise usually is as
bad as a root compromise :-)

Cheers,

-- Bert

-- 
Bert Driehuis -- [EMAIL PROTECTED] -- +31-20-3116119
If the only tool you've got is an axe, every problem looks like fun!


___
Flightgear-devel mailing list
[EMAIL PROTECTED]
http://mail.flightgear.org/mailman/listinfo/flightgear-devel

Re: [Flightgear-devel] Remote root exploit found in CVS

[Flightgear-devel] Remote root exploit found in CVS

Re: [Flightgear-devel] Remote root exploit found in CVS

Re: [Flightgear-devel] Remote root exploit found in CVS

4 matches

Site Navigation

Mail list logo

Footer information