superprobe Buffer Overflow Vulnerability

superprobe is an program supplied with XFree86 that helps determine video hardware. It is shipped with Slackware Linux 3.1 and is installed setuid root. There is an exploitable strcpy buffer overflow in the TestChip() function which allows for a trivial local root compromise.


 

Privacy Statement
Copyright 2010, SecurityFocus