Slackware: fdmount vulnerability

    Date25 May 2000
    CategorySlackware
    3423
    Posted ByLinuxSecurity Advisories
    A buffer overflow condition exists with fdmount on Slackware.
    fdmount vulnerability
    ---------------------
    
    The fdmount program shipped with Slackware has been shown to be vulnerable to
    a buffer overflow exploit.  A user must be in the "floppy" group to execute
    fdmount, but because fdmount is suid root this is a security problem.
    
    A patched fdmount which replaces the offending sprintf() call with a
    vsnprintf() (thus closing the hole and eliminating the security risk) has been
    posted in an updated floppy.tgz package in Slackware-current.  Please download
    the new floppy.tgz and run upgradepkg on it.
    
    ftp://ftp.slackware.com/pub/slackware/slackware-current/slakware/a1/floppy.tgz
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"5","type":"x","order":"1","pct":55.56,"resources":[]},{"id":"88","title":"Should be more technical","votes":"3","type":"x","order":"2","pct":33.33,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"1","type":"x","order":"3","pct":11.11,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.