I have just tested this on a Debian 2.2 box and works (save for gv not being
setuid). It seems that gv is vulnerable to a buffer overrun exploit which might
make it dump out to a shell.
More information available at
http://216.204.66.95/archive/exploits/09_00/%5bCODE.13.09.00%5d.linux-gv.c
Version tested: 3.5.8
This might be already known but I have not seen it in the lists previously, if
it is known please disregard this.
Regards
Javi
begin:vcard
n:Fernández-Sanguino Peña;Javier
tel;fax:+34-91 806 46 41
tel;work:+34-91 806 46 40
x-mozilla-html:FALSE
org:SGI-GMV sistemas;Seguridad Lógica
adr:;;Sector Foresta 1;Tres Cantos;Madrid;E-28760;Spain
version:2.1
email;internet:[EMAIL PROTECTED]
x-mozilla-cpt:;28448
fn:Javier Fernández-Sanguino Peña
end:vcard
