Some versions (the util-linux version, but not the netwrite or netkit
versions) of /usr/bin/write have a buffer overrun problem that is
almost certainly exploitable. Note that this gives access to the tty
group, but not (directly) root.
The fix is to change the two sprintfs to snprintfs. Patches have been
mailed to the maintainer.
--
- David A. Holland | VINO project home page:
dholland@eecs.harvard.edu | http://www.eecs.harvard.edu/vino
Reasonably Related Threads
Wisdom of the Ancients
