Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Linux :: Apps A-M :: lnx4960.htm

gpm-root local root format string vulnerabilities
28th Dec 2001 [SBWID-4960]

	gpm-root local root format string vulnerabilities


	gpm-root 1.17.8-18 (previous versions ??)


	In Debian Security Advisory DSA-095-1 []

	The package \'gpm\' contains the  \'gpm-root\'  program,  which  can  be
	used to  create  mouse-activated  menus  on  the  console.  Among  other
	problems, the gpm-root program contains a format  string  vulnerability,
	which allows an attacker to gain root privileges.

	Editors note : --------------

	It seems the problem lies in the shell mouse configuration  script  that
	wouldn\'t parse command line arguments properly.  Take  a  look  at  the


	Patch :



	Use aptget to ugrade binaries

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH