[vox] [Fwd: Cdrecord local root exploit.]
Micah J. Cowan
vox@lists.lugod.org
Wed, 14 May 2003 17:03:12 -0700
On Wed, May 14, 2003 at 01:18:29PM -0700, ME wrote:
> ---------------------------- Original Message ----------------------------
> Subject: Cdrecord local root exploit.
> From: yjm01 <yjm01@terra.com.br>
> Date: Tue, May 13, 2003 13:52
> To: bugtraq <bugtraq@securityfocus.com>
> --------------------------------------------------------------------------
>
> Priv8security.com
>
> Hi, here is a local root exploit for the cdrecord format string bug.
> Cdrecord comes suid root by default on the Mandrake distro and it can be
> executed by anybody.

Setuid cdrecord might make sense on systems *exclusively* for desktop
use; but why any distro would install it suid root by default is
beyond me. If I were running a server, I certainly want any idiot to
be able to screw with my CDRW drive...

The exploit itself doesn't disturb me so much: the only people who
should be able to use cdrecord at all should be folks with console
access anyway.

-Micah
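
Added example, not part of the original message or thread: a shell check for the exposure discussed above, a setuid-root binary that any local user may execute. The function names and the way directories are passed in are assumptions made for this sketch.

```shell
#!/bin/sh
# Classify one file by the exposure discussed in the thread. Prints:
#   missing            not a regular file
#   not-setuid         no setuid bit
#   setuid-world       setuid and executable by "other" (any local user)
#   setuid-restricted  setuid, but only owner/group may execute it
classify_suid() {
    f=$1
    [ -f "$f" ] || { echo "missing"; return 1; }
    if [ ! -u "$f" ]; then
        echo "not-setuid"
    elif [ -n "$(find "$f" -prune -perm -0001)" ]; then
        echo "setuid-world"
    else
        echo "setuid-restricted"
    fi
}

# List root-owned setuid files under the given directories that carry the
# "other" execute bit, i.e. the configuration the thread objects to.
audit_dirs() {
    for d in "$@"; do
        [ -d "$d" ] || continue
        find "$d" -xdev -type f -user root -perm -4000 -perm -0001 \
            -print 2>/dev/null
    done
}

# When directories are given on the command line, audit them, e.g.:
#   sh audit.sh /usr/bin /usr/sbin
# One common remediation for a binary that must stay setuid is to drop the
# "other" execute bit and hand access to a dedicated group (mode 4750),
# or to remove the setuid bit entirely where it is not needed.
if [ "$#" -gt 0 ]; then
    audit_dirs "$@"
fi
```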