[MPlayer-users] Buffer Overflow in Mplayer v0.91 and prior
Balatoni Denes
pnis at coder.hu
Sun Aug 31 23:38:30 CEST 2003
Hi!
Advisory/bugreport, same thing isn't it - and it was in fact a full bugreport.
On 2003. augusztus 31. 23.33, Joonas Koivunen wrote:
> [Automatic answer: RTFM (read DOCS, FAQ), also read DOCS/bugreports.html]
>
> On Monday 01 September 2003 00:37, D Richard Felker III wrote:
> > > bash-2.05b$ gmplayer `perl -e 'print "A" x 550'`
> >
> > Umm, this advisory is incredibly stupid. How is it a vulnerability if
> > you make mplayer (which runs as your uid) crash based on the filename
> > *you* give it on the command line?!? If this can be done from
> > playlists, then maybe it's a vulnerability, but this advisory doesn't
> > even address that.
> >
> > Rich
>
> Well what if someone gains access on a system where gmplayer ran with SUID,
> wouldn't it be possible to gain root shell via this exploit?
>
> -rzei
bye
Denes
More information about the MPlayer-users
mailing list