• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Debian "super" Buffer Overflow Vulnerabilities

Super is an administration tool shipped with Debian Linux installed setuid root that is supposed to allow users to execute some commands as root. There are at least two known buffer overflow vulnerabilities in super which allow a regular user to smash the stack and execute arbitrary commands as root unrestricted. The consequences are a local root compromise.