|[Home] [Credit Search] [Category Browser] [Staff Roll Call]||The LINUX.COM Article Archive|
|Originally Published: Tuesday, 30 May 2000||Author: Derrick H. Lewis|
|Published to: news_enhance_security/Security News||Page: 1/1 - [Std View]|
Linux cdrecord Buffer Overflow Vulnerability
The linux cdrecorder binary is vulnerable to a locally exploitable buffer overflow attack. When installed in a Mandrake 7.0 linux distribution, it is by default setgid "cdburner" (which is a group, gid: 80, that is created for the application). The overflow condition is the result of no bounds checking on the 'dev=' argument passed to cdburner at execution time.