From spacey@aleph.sensenet.com Fri Aug 16 16:37:14 1996 Received: from aleph.sensenet.com (spacey@aleph.sensenet.com [199.33.238.2]) by suburbia.net (8.7.4/Proff-950810) with SMTP id QAA30053 for ; Fri, 16 Aug 1996 16:37:04 +1000 Received: (from spacey@localhost) by aleph.sensenet.com (8.6.11/8.6.9) id CAA06289; Fri, 16 Aug 1996 02:26:56 -0400 From: "Peter C. Norton" Message-Id: <199608160626.CAA06289@aleph.sensenet.com> Subject: [linux-alert] Vulnerability in ALL linux distributions (fwd) To: best-of-security@suburbia.net Date: Fri, 16 Aug 1996 02:26:55 -0400 (EDT) Cc: micro@aleph.sensenet.com (Fred Basil), tom@lenin.cc.rochester.edu, moose@lenin.cc.rochester.edu X-Mailer: ELM [version 2.4 PL24] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit This is a security bulletin relating to a buffer overflow condition present in the mount(8) command in all linux distributions. bloodmask seemed to have said: > Greetings folks, > Sorry we haven't released this thing sooner, due to testing we've > conducted to determine vulnerability on other systems besides Linux, > I've attached the officail release, Patch this up quick, and if I were > you, I wouldn't trust those old binaries to be secure anymore, this > thing has been with Linux since it's beggining, at it's high time this > "feature" is removed. > > --------------3E2982D84A560D2D9A831FA > Content-Type: text/plain; charset=us-ascii; name="cvnmount.exploit" > Content-Transfer-Encoding: 7bit > Content-Disposition: inline; filename="cvnmount.exploit" > > Covin Security Releases: > (mount bufferoverflow exploit v1.0) > > Tested operated systems: All current distributions of Linux > > Affect: Local users on systems affected can gain overflow mounts syntax > buffer and execute a shell by overwriting the stack. > > Affected binaries: > (/bin/mount and /bin/umount) > > Workaround: > On all current distributions of Linux remove suid bit of /bin/mount and > /bin/umount. > [chmod -s /bin/mount;chmod -s /bin/umount] > > Remarks: > For gods sake, how many more times are we gonna see this kind of problem? > It's been with Linux since it's very beggining, and it's so easy to > exploit. Similiar buffer overflow vulnerabilities have been found in > Linux distributions many times before, splitvt, dip, just to name a few > examples. > > > Any remarks, notes or other forms of feedback may be redirected to: > bloodmask@mymail.com > <------------------------------[ Cut here ]----------------------------------> > > /* Mount Exploit for Linux, Jul 30 1996 > > [Mod: Exploit removed for linux-alert posting; it's already been posted > to linux-security and Bugtraq. This vulnerability is not new news, but > since exploits are now being published I'm posting this to linux-alert > for those that might not yet have gotten the news. --Jeff.] > > --------------3E2982D84A560D2D9A831FA-- > -- - Hofstadter's Law: It always takes longer then you expect, - - even when you take into account Hofstadter's Law - spacey@sensenet.com http://www.sensenet.com Systems Administrator, Sensenet, Inc.