Originally Published: Tuesday, 30 May 2000 Author: Derrick H. Lewis

Linux cdrecord Buffer Overflow Vulnerability

The Linux cdrecord binary is vulnerable to a locally exploitable buffer overflow. When installed on a Mandrake 7.0 Linux distribution, it is by default setgid "cdburner" (a group, gid: 80, that is created for the application). The overflow results from the absence of bounds checking on the 'dev=' argument passed to the binary at execution time.
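The missing check described above, as an added illustration in C; this is not cdrecord's source code. The names `parse_dev_arg` and `DEV_MAX`, the buffer size, and the sample `dev=` values are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>

#define DEV_MAX 64  /* assumed buffer size, for illustration only */

/* Unsafe pattern ("no bounds checking"), shown only as a comment:
 *     char dev[DEV_MAX];
 *     strcpy(dev, arg + 4);   // length is controlled by the caller
 * In a setgid binary the caller is any local user.
 */

/* Hypothetical helper: copy the value of a "dev=" argument into out.
 * Returns  0 on success,
 *         -1 if arg is not a dev= argument (or arguments are invalid),
 *         -2 if the value is empty or does not fit in out. */
int parse_dev_arg(const char *arg, char *out, size_t outsz)
{
    static const char prefix[] = "dev=";
    const size_t plen = sizeof(prefix) - 1;
    size_t vlen;

    if (arg == NULL || out == NULL || outsz == 0)
        return -1;
    if (strncmp(arg, prefix, plen) != 0)
        return -1;

    vlen = strlen(arg + plen);
    if (vlen == 0 || vlen >= outsz)
        return -2;                      /* reject; never truncate silently */

    memcpy(out, arg + plen, vlen + 1);  /* +1 copies the terminating NUL */
    return 0;
}

int main(int argc, char **argv)
{
    char dev[DEV_MAX];
    int i;

    for (i = 1; i < argc; i++) {
        int rc = parse_dev_arg(argv[i], dev, sizeof(dev));
        if (rc == 0) {
            printf("device: %s\n", dev);
        } else if (rc == -2) {
            fprintf(stderr, "dev= value is empty or too long\n");
            return 1;
        }
    }
    return 0;
}
```

Rejecting an oversized value outright, rather than truncating it, keeps the program from acting on a device string the user did not actually supply.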