Re: DJB's students release 44 *nix software vulnerability advisories

To: Jonathan Rockway <jrockw2@xxxxxxx>
Subject: Re: DJB's students release 44 *nix software vulnerability advisories
From: Casper.Dik@xxxxxxx
Date: Wed, 22 Dec 2004 18:56:18 +0100
Cc: bugtraq@xxxxxxxxxxxxxxxxx
In-reply-to: <A938F918-53CC-11D9-88EF-000D932F57A2@xxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <Pine.A41.4.58.0412201706570.241672@xxxxxxxxxxxxxxxxx> <Pine.LNX.4.58.0412211456120.5237@xxxxxxxxxxxxxxxxxxxxxxxxx> <A938F918-53CC-11D9-88EF-000D932F57A2@xxxxxxx>
Sender: casper@xxxxxxxxxxxxxxx

>/bin/sh exists to run shell commands.  That is the purpose of the 
>shell.  NASM, on the other hand, is designed to create object files 
>from assembly files.  If NASM starts running arbitrary code on your 
>machine, it's doing something unauthorized.  That is a security hole.  
>By typing "nasm file.S" you are not intending to authorize the author 
>of file.S to take over your account, right?

What other purpose does NASM have other than to compile code
and then, implicitely, run it?

I could buy the argument for a webbrowser or a wordprocessor;
but a assembler or compiler?

>Also, could you please show me this shell script you speak of?  All the 
>shell scripts I know of that give me root access require me to type the 
>root password.   If you have found a way around this, then you are 
>correct, "every UNIX system on Earth has a remote hole". :)

Any script which exploits a local security hole would do.

>Setting buff[1023] to '\0' is a good idea, since vsnprintf won't do 
>that if vsprintf(buff, fmt, args) generates 1024 bytes.

You should have paid better attention in class.

Casper

References:
- Re: DJB's students release 44 *nix software vulnerability advisories
  - From: Jonathan T Rockway
- Re: DJB's students release 44 *nix software vulnerability advisories
  - From: David F. Skoll
- Re: DJB's students release 44 *nix software vulnerability advisories
  - From: Jonathan Rockway

Prev by Date: [ GLSA 200412-23 ] Zwiki: XSS vulnerability
Next by Date: RE: DJB's students release 44 *nix software vulnerability advisories
Previous by thread: Re: DJB's students release 44 *nix software vulnerability advisories
Next by thread: Re: DJB's students release 44 *nix software vulnerability advisories
Index(es):
- Date
- Thread