security/smaSHeM - The NetBSD Packages Collection

System V shared memory segment manipulator

System V shared memory segments created with shmget() are assigned an
owner, a group and a set of permissions intended to limit access to
the segment to designated processes only.  The owner of a shared
memory segment can change the ownership and permissions on a segment
after its creation using shmctl().  Any subsequent processes that wish
to attach to the segment can only do so if they have the appropriate
permissions.  Once attached, the process can read or write to the
segment, as per the permissions that were set when the segment was
created.

smaSHeM takes advantage of applications that set weak permissions on
such segments, allowing an attacker to dump or patch their contents.
As discussed in the presentation at 44CON 2013 entitled 'I Miss LSD',
in the case of many X11 applications it is possible to extract pixmaps
of previously rendered GUI artifacts.  When compiled with QtCore
linking enabled, smaSHeM aids in that process by brute forcing
potentially valid dimensions for the raw pixmap dump.

Build dependencies

pkgtools/mktools pkgtools/cwrappers

Runtime dependencies

(none)

Binary packages

OSArchitectureVersion
NetBSD 10.0aarch64smaSHeM-0.4.tgz
NetBSD 10.0aarch64smaSHeM-0.4.tgz
NetBSD 10.0aarch64smaSHeM-0.4.tgz
NetBSD 10.0aarch64ebsmaSHeM-0.4.tgz
NetBSD 10.0aarch64ebsmaSHeM-0.4.tgz
NetBSD 10.0alphasmaSHeM-0.4.tgz
NetBSD 10.0earmv4smaSHeM-0.4.tgz
NetBSD 10.0earmv6hfsmaSHeM-0.4.tgz
NetBSD 10.0earmv6hfsmaSHeM-0.4.tgz
NetBSD 10.0earmv6hfsmaSHeM-0.4.tgz
NetBSD 10.0earmv7hfsmaSHeM-0.4.tgz
NetBSD 10.0earmv7hfsmaSHeM-0.4.tgz
NetBSD 10.0earmv7hfsmaSHeM-0.4.tgz
NetBSD 10.0i386smaSHeM-0.4.tgz
NetBSD 10.0i386smaSHeM-0.4.tgz
NetBSD 10.0m68ksmaSHeM-0.4.tgz
NetBSD 10.0powerpcsmaSHeM-0.4.tgz
NetBSD 10.0sparcsmaSHeM-0.4.tgz
NetBSD 10.0vaxsmaSHeM-0.4.tgz
NetBSD 10.0x86_64smaSHeM-0.4.tgz
NetBSD 10.0_BETAx86_64smaSHeM-0.4.tgz
NetBSD 8.0i386smaSHeM-0.4.tgz
NetBSD 8.0i386smaSHeM-0.4.tgz
NetBSD 8.0i386smaSHeM-0.4.tgz
NetBSD 8.0powerpcsmaSHeM-0.4.tgz
NetBSD 8.0powerpcsmaSHeM-0.4.tgz
NetBSD 8.0powerpcsmaSHeM-0.4.tgz
NetBSD 8.0powerpcsmaSHeM-0.4.tgz
NetBSD 8.0x86_64smaSHeM-0.4.tgz
NetBSD 8.0x86_64smaSHeM-0.4.tgz
NetBSD 8.0x86_64smaSHeM-0.4.tgz
NetBSD 9.0aarch64smaSHeM-0.4.tgz
NetBSD 9.0aarch64smaSHeM-0.4.tgz
NetBSD 9.0aarch64smaSHeM-0.4.tgz
NetBSD 9.0alphasmaSHeM-0.4.tgz
NetBSD 9.0alphasmaSHeM-0.4.tgz
NetBSD 9.0earmsmaSHeM-0.4.tgz
NetBSD 9.0earmv6hfsmaSHeM-0.4.tgz
NetBSD 9.0earmv6hfsmaSHeM-0.4.tgz
NetBSD 9.0earmv6hfsmaSHeM-0.4.tgz
NetBSD 9.0earmv7hfsmaSHeM-0.4.tgz
NetBSD 9.0earmv7hfsmaSHeM-0.4.tgz
NetBSD 9.0earmv7hfsmaSHeM-0.4.tgz
NetBSD 9.0i386smaSHeM-0.4.tgz
NetBSD 9.0i386smaSHeM-0.4.tgz
NetBSD 9.0m68ksmaSHeM-0.4.tgz
NetBSD 9.0m68ksmaSHeM-0.4.tgz
NetBSD 9.0m68ksmaSHeM-0.4.tgz
NetBSD 9.0mips64ebsmaSHeM-0.4.tgz
NetBSD 9.0powerpcsmaSHeM-0.4.tgz
NetBSD 9.0powerpcsmaSHeM-0.4.tgz
NetBSD 9.0powerpcsmaSHeM-0.4.tgz
NetBSD 9.0powerpcsmaSHeM-0.4.tgz
NetBSD 9.0sh3elsmaSHeM-0.4.tgz
NetBSD 9.0sh3elsmaSHeM-0.4.tgz
NetBSD 9.0sparc64smaSHeM-0.4.tgz
NetBSD 9.0sparcsmaSHeM-0.4.tgz
NetBSD 9.0sparcsmaSHeM-0.4.tgz
NetBSD 9.0x86_64smaSHeM-0.4.tgz
NetBSD 9.0x86_64smaSHeM-0.4.tgz
NetBSD 9.3x86_64smaSHeM-0.4.tgz
NetBSD 9.3x86_64smaSHeM-0.4.tgz

Binary packages can be installed with the high-level tool pkgin (which can be installed with pkg_add) or pkg_add(1) (installed by default). The NetBSD packages collection is also designed to permit easy installation from source.

Available build options

(none)

Known vulnerabilities

The pkg_admin audit command locates any installed package which has been mentioned in security advisories as having vulnerabilities.

Please note the vulnerabilities database might not be fully accurate, and not every bug is exploitable with every configuration.


Problem reports, updates or suggestions for this package should be reported with send-pr.