search for: bohosiewicz

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Date: Wed, 19 Aug 1998 23:30:58 +0200 (EEST) From: Marcin Bohosiewicz <marcus@venus.wis.pk.edu.pl> To: redhat-announce-list@redhat.com Subject: screen-3.7.4 (security update) Message-ID: <Pine.LNX.3.96.980819232924.15924A-100000@venus.wis.pk.edu.pl> I updated my package after BUGTRAQ fix for tmp-races in screen package. I built this package on RedHa...

...), sizeof(termname)) == NULL) > >lame exploit for linux included below (works from time to time): [exploit was here] Elm without this bug is now available from: ftp://venus.wis.pk.edu.pl/pub/RPMS/elm-2.4.25-8.i386.rpm ftp://venus.wis.pk.edu.pl/pub/SRPMS/elm-2.4.25-8.src.rpm M. -| == Marcin Bohosiewicz marcus@venus.wis.pk.edu.pl == |- -| == tel. +048 (0-12) 37-44-99 marcus@krakow.linux.org.pl == |- -| == Strona Domowa - http://venus.wis.pk.edu.pl/marcus/ == |-

-| == Marcin Bohosiewicz marcus@venus.wis.pk.edu.pl == |- -| == tel. +048 (0-12) 37-44-99 marcus@krakow.linux.org.pl == |- -| == Strona Domowa - http://venus.wis.pk.edu.pl/marcus/ == |- ---------- Forwarded message ---------- Date: Sat, 26 Apr 1997 16:16:05 -0400 From: George Staikos <staikos@0WNED...

cxterm is a Chinese terminal emulator for the X Window System. It''s installed as suid-root by default if you did a make install. Just like xterm, it does needs to be suid to update /etc/utmp...blahblah... I discovered some buffer overflow bugs in it. The code attached below is the exploit. Quick fix? chmod -s /path/cxterm

-----BEGIN PGP SIGNED MESSAGE----- Buffer overflow in the resource handling code of the libXt (X11R6) Thu May 29, 1997 Distribution of this document is unlimited Copyright (C) Alexander O. Yuriev (alex@yuriev.com) Net Access Abstract A buffer overflow was found in the resource handling