[security] Security Advisories

Lorenzo Iannuzzi nakis a libero.it
Sab 28 Feb 2004 00:03:43 CET


A programming error has been found in the jail_attach(2) system call
which affects the way that system call verifies the privilege
level of the calling process.  Instead of failing immediately if the
calling process was already jailed, the jail_attach(2) system call
would fail only after changing the calling process's root directory.


Steve Kemp discovered a number of buffer overflow vulnerabilities in
xboing, a game, which could be exploited by a local attacker to gain
gid "games".

Ciao e alla prossima!
-------------- parte successiva --------------
Un allegato non testuale  stato rimosso....
Nome:        non disponibile
Tipo:        application/pgp-signature
Dimensione:  244 bytes
Descrizione: non disponibile
Url:         http://itlists.org/pipermail/security/attachments/20040228/3177e6fa/attachment.pgp 

Maggiori informazioni sulla lista security