I have been studying the Linux source code of POV-Ray (version that is
posted on web site).
It may be possible to obtain shell or other access to the host's computer by
exploiting bugs in pov's handling of command line parameters. Try this:
give pov a very long command line parameter and it crashes with a
segmentation fault. I am trying to see if this is exploitable, it
probably is.
A possible exploit of this could be to gain access to a computer
running pov as part of a render farm. The command line for pov depends on
the information sent from the server to the client farmer, so an
exploiter could spoof information and gain access to the user's computer.
The problematic file is optin.c
Post a reply to this message
|
