200 messages in org.freebsd.freebsd-securityRe: security hole in FreeBSD| From | Sent On | Attachments |
|---|---|---|
| Vincent Poy | Jul 28, 1997 3:19 am | |
| Nicole H. | Jul 28, 1997 3:22 am | |
| Vincent Poy | Jul 28, 1997 4:39 am | |
| Robert Watson | Jul 28, 1997 5:36 am | |
| Nicole H. | Jul 28, 1997 5:40 am | |
| Eric Feillant | Jul 28, 1997 5:41 am | |
| David Holland | Jul 28, 1997 6:12 am | |
| Nicole H. | Jul 28, 1997 6:15 am | |
| Jonathan A. Zdziarski | Jul 28, 1997 6:22 am | |
| Tomasz Dudziak | Jul 28, 1997 6:29 am | |
| Adam Shostack | Jul 28, 1997 6:39 am | |
| Guido van Rooij | Jul 28, 1997 6:52 am | |
| Garrett Wollman | Jul 28, 1997 7:04 am | |
| Robert Watson | Jul 28, 1997 7:56 am | |
| Robert Watson | Jul 28, 1997 7:59 am | |
| Ollivier Robert | Jul 28, 1997 8:16 am | |
| Robert Watson | Jul 28, 1997 8:48 am | |
| Jonathan A. Zdziarski | Jul 28, 1997 8:50 am | |
| Jonathan A. Zdziarski | Jul 28, 1997 8:54 am | |
| Rodney W. Grimes | Jul 28, 1997 8:55 am | |
| Adam Shostack | Jul 28, 1997 9:04 am | |
| Robert Watson | Jul 28, 1997 10:08 am | |
| Rodney W. Grimes | Jul 28, 1997 10:26 am | |
| Vincent Poy | Jul 28, 1997 10:59 am | |
| Vincent Poy | Jul 28, 1997 11:23 am | |
| Vincent Poy | Jul 28, 1997 11:27 am | |
| David Langford | Jul 28, 1997 11:30 am | |
| Vincent Poy | Jul 28, 1997 11:31 am | |
| Robert Watson | Jul 28, 1997 11:33 am | |
| Robert Watson | Jul 28, 1997 11:44 am | |
| Jonathan A. Zdziarski | Jul 28, 1997 11:46 am | |
| Jonathan A. Zdziarski | Jul 28, 1997 11:48 am | |
| Jonathan A. Zdziarski | Jul 28, 1997 11:49 am | |
| Robert Watson | Jul 28, 1997 12:29 pm | |
| Vincent Poy | Jul 28, 1997 12:29 pm | |
| Vincent Poy | Jul 28, 1997 12:38 pm | |
| Vincent Poy | Jul 28, 1997 12:48 pm | |
| Vincent Poy | Jul 28, 1997 12:54 pm | |
| Vincent Poy | Jul 28, 1997 12:56 pm | |
| Adam Shostack | Jul 28, 1997 1:04 pm | |
| Jonathan A. Zdziarski | Jul 28, 1997 1:15 pm | |
| Jonathan A. Zdziarski | Jul 28, 1997 1:16 pm | |
| Robert Watson | Jul 28, 1997 1:45 pm | |
| Jonathan A. Zdziarski | Jul 28, 1997 1:47 pm | |
| Jonathan A. Zdziarski | Jul 28, 1997 1:51 pm | |
| Robert Watson | Jul 28, 1997 1:54 pm | |
| Nate Williams | Jul 28, 1997 2:00 pm | |
| Ollivier Robert | Jul 28, 1997 2:07 pm | |
| Matthew N. Dodd | Jul 28, 1997 2:14 pm | |
| Karl Denninger | Jul 28, 1997 2:42 pm | |
| Vincent Poy | Jul 28, 1997 2:43 pm | |
| Vincent Poy | Jul 28, 1997 3:01 pm | |
| Vincent Poy | Jul 28, 1997 3:06 pm | |
| Jordan K. Hubbard | Jul 28, 1997 3:10 pm | |
| Vincent Poy | Jul 28, 1997 3:25 pm | |
| Vincent Poy | Jul 28, 1997 3:28 pm | |
| Matthew N. Dodd | Jul 28, 1997 3:30 pm | |
| Vincent Poy | Jul 28, 1997 3:30 pm | |
| Vincent Poy | Jul 28, 1997 3:44 pm | |
| Brian Buchanan | Jul 28, 1997 4:06 pm | |
| Gary Clark II | Jul 28, 1997 4:06 pm | |
| Vincent Poy | Jul 28, 1997 4:14 pm | |
| Vincent Poy | Jul 28, 1997 4:16 pm | |
| Vincent Poy | Jul 28, 1997 4:18 pm | |
| Matthew N. Dodd | Jul 28, 1997 4:18 pm | |
| Vincent Poy | Jul 28, 1997 4:19 pm | |
| Vincent Poy | Jul 28, 1997 4:25 pm | |
| Vincent Poy | Jul 28, 1997 4:30 pm | |
| Brian Buchanan | Jul 28, 1997 4:48 pm | |
| Jordan K. Hubbard | Jul 28, 1997 4:59 pm | |
| Jordan K. Hubbard | Jul 28, 1997 5:00 pm | |
| Vincent Poy | Jul 28, 1997 5:02 pm | |
| Brian Buchanan | Jul 28, 1997 5:09 pm | |
| Vincent Poy | Jul 28, 1997 5:19 pm | |
| Vincent Poy | Jul 28, 1997 5:20 pm | |
| Gary Palmer | Jul 28, 1997 5:22 pm | |
| Vincent Poy | Jul 28, 1997 5:26 pm | |
| Vincent Poy | Jul 28, 1997 5:30 pm | |
| Gary Palmer | Jul 28, 1997 5:30 pm | |
| Brian Buchanan | Jul 28, 1997 5:32 pm | |
| Gary Palmer | Jul 28, 1997 5:33 pm | |
| Vincent Poy | Jul 28, 1997 5:34 pm | |
| Gary Palmer | Jul 28, 1997 5:36 pm | |
| Vincent Poy | Jul 28, 1997 5:40 pm | |
| Gary Palmer | Jul 28, 1997 5:44 pm | |
| 115 later messages | ||
| Subject: | Re: security hole in FreeBSD | |
|---|---|---|
| From: | Vincent Poy (vin...@mail.MCESTATE.COM) | |
| Date: | Jul 28, 1997 12:29:22 pm | |
| List: | org.freebsd.freebsd-security | |
On Mon, 28 Jul 1997, David Langford wrote:
=)I recently caught a breakin faily simaliar. =)The perp replace /bin/login with one that would let them login =)to ANY account with a password of "lemmein". The login would NOT be logged =)and so it was very difficult to tell what was going on.
Hmmm, I can understand this can be done if the user had access to the system in the first place which he did on the mercury machine but how did he do it on the earth machine?
=)My only guess is that they used the old suidperl hack to get root. =)Supposedly this doesnt work on newer perl though.
I supped the latest ports tree, build and install perl5.00401 and sperl5.00401 and deleted the perl5.003 and sperl5.003 in /usr/local/bin so it wasn't the old version of perl.
=)My suggestion to you would be to get a clean source tree, recompile everything =)and install tripwire.
I'll do that as soon as the machine comes back up. I heard that suid programs can be a problem too but which ones are required to be suid?
Cheers, Vince - vin...@MCESTATE.COM - vin...@GAIANET.NET ________ __ ____ Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ] GaiaNet Corporation - M & C Estate / / / / | / | __] ] Beverly Hills, California USA 90210 / / / / / |/ / | __] ] HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____]