Fwd: Re: LOCAL ROOT EXPLOIT - SUPPORT FULL-DISCLOSURE - LOCALROOTEXPLOIT
Carsten Wolff
AirWulf666 at gmx.net
Mon Jul 8 12:56:54 BST 2002
On Monday 08 July 2002 08:39, Andreas Pour wrote:
> Adrian Schroeter wrote:
> > > > To lose the ability to "return" to the prior effective uid, use
> > > > setuid(), as the patch does.
> >
> > Sorry, but the attached patch in Waldos mail does not do that, it only
> > fix one buffer overflow.
>
> Hi,
>
> A link to the correct patch is
> ftp://ftp.kde.org/pub/kde/stable/3.0.2/src/arts-1.0.3.diff , as just
> posted on dotsy.
Ehm, I think, the artswrapper.c - fix isn't in CVS right now, just the
string-thingy is.
Carsten.
--
| THE K Desktop Environment: | My very own little site: |
| http://www.kde.org | http://www.wolffcarsten.de |
| wolff at kde.org | |
More information about the kde-core-devel
mailing list