Bug#576244: privbind: 1-byte buffer overflow

2010-04-02 Thread Christian Jaeger
> tell, an attacker trying to exploit this is running in the same privilege
> level as the potential gain from an exploitable buffer overrun (i.e. - no
> security implications as there is no privilege escalation). This is in

You assume that the attacker has full control over root; but often progra

Bug#576244: privbind: 1-byte buffer overflow

2010-04-02 Thread Shachar Shemesh
Christian Jaeger wrote: Whether this has security implications or not, I don't know. It has, literally, been years since I touched the code. As far as I can tell, an attacker trying to exploit this is running in the same privilege level as the potential gain from an exploitable buffer overru

Bug#576244: privbind: 1-byte buffer overflow

2010-04-01 Thread Christian Jaeger
Package: privbind
Version: 1.1-1
Severity: normal

It looks to me like privbind is not allocating enough space for the buffer that is being used for:

    sprintf( newpreload, "%s:%s", options.libname, ldpreload );

This needs strlen of both arguments plus 1 byte for the : plus another byte for the \0
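The sizing rule the report describes, as an added example in C; this is not privbind's own code, and the function names and the sample library names are made up for illustration:

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added example (not privbind's code). The buffer for sprintf("%s:%s", a, b)
 * must hold strlen(a) + strlen(b) + 1 (for ':') + 1 (for '\0') bytes.
 * An allocation of strlen(a) + strlen(b) + 1 is the one-byte-short case
 * the report describes: the terminating NUL lands past the end. */
size_t preload_buf_size(const char *libname, const char *ldpreload)
{
    return strlen(libname) + strlen(ldpreload) + 2;
}

/* Build "libname:ldpreload" into a correctly sized heap buffer.
 * snprintf with the real buffer size means a sizing mistake truncates
 * instead of writing past the end. Caller frees the result. */
char *build_preload(const char *libname, const char *ldpreload)
{
    size_t need = preload_buf_size(libname, ldpreload);
    char *newpreload = malloc(need);
    if (newpreload == NULL)
        return NULL;
    int n = snprintf(newpreload, need, "%s:%s", libname, ldpreload);
    /* snprintf reports the length it wanted to write; a mismatch means the
     * size computation is wrong and the string would have been truncated. */
    if (n < 0 || (size_t)n >= need) {
        free(newpreload);
        return NULL;
    }
    return newpreload;
}

/* Would the undersized allocation from the report hold the whole output?
 * Returns 1 if it fits, 0 if it is short (it is always short by one). */
int short_by_one_fits(const char *libname, const char *ldpreload)
{
    size_t undersized = strlen(libname) + strlen(ldpreload) + 1;
    return undersized >= preload_buf_size(libname, ldpreload);
}

int main(void)
{
    /* constructed sample values, not real library names from privbind */
    char *p = build_preload("libprivbind.so", "libfoo.so");
    if (p) { printf("%s (%zu bytes incl. NUL)\n", p, strlen(p) + 1); free(p); }
    printf("undersized buffer fits: %d\n",
           short_by_one_fits("libprivbind.so", "libfoo.so"));
    return 0;
}
```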