Re: [SECURITY] [DSA 522-1] New super packages fix format string vulnerability
On Sat, Jun 19, 2004 at 11:46:37AM +0200, Bernhard Kuemel wrote: > Matt Zimmerman wrote: > > >Package: super > >Vulnerability : format string > >Problem-Type : remote > > >Max Vozeler discovered a format string vulnerability in super, a > >program to allow specified users to execute commands with root > >privileges. This vulnerability could potentially be exploited by a > >local user to execute arbitrary code with root privileges. > > Why is the problem remote, when it can be exploited by a local user? Late night. -- - mdz
Re: [SECURITY] [DSA 522-1] New super packages fix format string vulnerability
On Sat, Jun 19, 2004 at 11:46:37AM +0200, Bernhard Kuemel wrote: > Matt Zimmerman wrote: > > >Package: super > >Vulnerability : format string > >Problem-Type : remote > > >Max Vozeler discovered a format string vulnerability in super, a > >program to allow specified users to execute commands with root > >privileges. This vulnerability could potentially be exploited by a > >local user to execute arbitrary code with root privileges. > > Why is the problem remote, when it can be exploited by a local user? Late night. -- - mdz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [SECURITY] [DSA 522-1] New super packages fix format string vulnerability
Hi Matt! Matt Zimmerman wrote: Package: super Vulnerability : format string Problem-Type : remote Max Vozeler discovered a format string vulnerability in super, a program to allow specified users to execute commands with root privileges. This vulnerability could potentially be exploited by a local user to execute arbitrary code with root privileges. Why is the problem remote, when it can be exploited by a local user? Bernhard -- Webspace; Low end Serverhousing ab 15 e, etc.: http://www.bksys.at Linux Admin/Programmierer: http://bksys.at/bernhard/services.html
Re: [SECURITY] [DSA 522-1] New super packages fix format string vulnerability
Hi Matt! Matt Zimmerman wrote: Package: super Vulnerability : format string Problem-Type : remote Max Vozeler discovered a format string vulnerability in super, a program to allow specified users to execute commands with root privileges. This vulnerability could potentially be exploited by a local user to execute arbitrary code with root privileges. Why is the problem remote, when it can be exploited by a local user? Bernhard -- Webspace; Low end Serverhousing ab 15 e, etc.: http://www.bksys.at Linux Admin/Programmierer: http://bksys.at/bernhard/services.html -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]