[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: misc/screen local root compromise
- To: ports_(_at_)_openbsd_(_dot_)_org
- Subject: Re: misc/screen local root compromise
- From: Han <han_(_at_)_mijncomputer_(_dot_)_nl>
- Date: Thu, 6 Sep 2001 04:23:07 +0200
- Mail-followup-to: ports_(_at_)_openbsd_(_dot_)_org
David Krause (openbsd_(_at_)_davidkrause_(_dot_)_com) wrote:
> The screen authors didn't update the ChangeLog for 3.9.10, but
> apparently there is a local root compromise. Isn't that nice that
> they didn't seem to notify us. I saw the SuSE vulnerability above
> and it mentioned it. I haven't seen this on bugtraq yet or from any
> of the other vendors. The vulnerability only occurs if screen is
> installed setuid root.
Any good reason for screen to be suid?
Visit your host, monkey.org