200 messages in org.freebsd.freebsd-securityRe: security hole in FreeBSD| From | Sent On | Attachments |
|---|---|---|
| Vincent Poy | Jul 28, 1997 3:19 am | |
| Nicole H. | Jul 28, 1997 3:22 am | |
| Vincent Poy | Jul 28, 1997 4:39 am | |
| Robert Watson | Jul 28, 1997 5:36 am | |
| Nicole H. | Jul 28, 1997 5:40 am | |
| Eric Feillant | Jul 28, 1997 5:41 am | |
| David Holland | Jul 28, 1997 6:12 am | |
| Nicole H. | Jul 28, 1997 6:15 am | |
| Jonathan A. Zdziarski | Jul 28, 1997 6:22 am | |
| Tomasz Dudziak | Jul 28, 1997 6:29 am | |
| Adam Shostack | Jul 28, 1997 6:39 am | |
| Guido van Rooij | Jul 28, 1997 6:52 am | |
| Garrett Wollman | Jul 28, 1997 7:04 am | |
| Robert Watson | Jul 28, 1997 7:56 am | |
| Robert Watson | Jul 28, 1997 7:59 am | |
| Ollivier Robert | Jul 28, 1997 8:16 am | |
| Robert Watson | Jul 28, 1997 8:48 am | |
| Jonathan A. Zdziarski | Jul 28, 1997 8:50 am | |
| Jonathan A. Zdziarski | Jul 28, 1997 8:54 am | |
| Rodney W. Grimes | Jul 28, 1997 8:55 am | |
| Adam Shostack | Jul 28, 1997 9:04 am | |
| Robert Watson | Jul 28, 1997 10:08 am | |
| Rodney W. Grimes | Jul 28, 1997 10:26 am | |
| Vincent Poy | Jul 28, 1997 10:59 am | |
| Vincent Poy | Jul 28, 1997 11:23 am | |
| Vincent Poy | Jul 28, 1997 11:27 am | |
| David Langford | Jul 28, 1997 11:30 am | |
| Vincent Poy | Jul 28, 1997 11:31 am | |
| Robert Watson | Jul 28, 1997 11:33 am | |
| Robert Watson | Jul 28, 1997 11:44 am | |
| Jonathan A. Zdziarski | Jul 28, 1997 11:46 am | |
| Jonathan A. Zdziarski | Jul 28, 1997 11:48 am | |
| Jonathan A. Zdziarski | Jul 28, 1997 11:49 am | |
| Vincent Poy | Jul 28, 1997 12:29 pm | |
| Robert Watson | Jul 28, 1997 12:29 pm | |
| Vincent Poy | Jul 28, 1997 12:38 pm | |
| Vincent Poy | Jul 28, 1997 12:48 pm | |
| Vincent Poy | Jul 28, 1997 12:54 pm | |
| Vincent Poy | Jul 28, 1997 12:56 pm | |
| Adam Shostack | Jul 28, 1997 1:04 pm | |
| Jonathan A. Zdziarski | Jul 28, 1997 1:15 pm | |
| Jonathan A. Zdziarski | Jul 28, 1997 1:16 pm | |
| Robert Watson | Jul 28, 1997 1:45 pm | |
| Jonathan A. Zdziarski | Jul 28, 1997 1:47 pm | |
| Jonathan A. Zdziarski | Jul 28, 1997 1:51 pm | |
| Robert Watson | Jul 28, 1997 1:54 pm | |
| Nate Williams | Jul 28, 1997 2:00 pm | |
| Ollivier Robert | Jul 28, 1997 2:07 pm | |
| Matthew N. Dodd | Jul 28, 1997 2:14 pm | |
| Karl Denninger | Jul 28, 1997 2:42 pm | |
| Vincent Poy | Jul 28, 1997 2:43 pm | |
| Vincent Poy | Jul 28, 1997 3:01 pm | |
| Vincent Poy | Jul 28, 1997 3:06 pm | |
| Jordan K. Hubbard | Jul 28, 1997 3:10 pm | |
| Vincent Poy | Jul 28, 1997 3:25 pm | |
| Vincent Poy | Jul 28, 1997 3:28 pm | |
| Matthew N. Dodd | Jul 28, 1997 3:30 pm | |
| Vincent Poy | Jul 28, 1997 3:30 pm | |
| Vincent Poy | Jul 28, 1997 3:44 pm | |
| 141 later messages | ||
| Subject: | Re: security hole in FreeBSD | |
|---|---|---|
| From: | Jonathan A. Zdziarski (jo...@netrail.net) | |
| Date: | Jul 28, 1997 6:22:23 am | |
| List: | org.freebsd.freebsd-security | |
I would check also /etc/inetd.conf to make sure he didn't set himself up with a root-environment on some port, I know finger -P will let you run for example a shell, and if it is set up as root, well...
------------------------------------------------------------------------- Jonathan A. Zdziarski NetRail Incorporated Server Engineering Manager 230 Peachtree St. Suite 500 jo...@netrail.net Atlanta, GA 30303 http://www.netrail.net (888) - NETRAIL
-------------------------------------------------------------------------
On Mon, 28 Jul 1997, Ollivier Robert wrote:
:According to Vincent Poy: :> 1) User on mercury machine complained about perl5 not working which was :> perl5.003 since libmalloc lib it was linked to was missing. :> 2) I recompiled the perl5 port from the ports tree and it's perl5.00403 :> and it works. : :I don't think he used perl to hack root unless you kept old versions of :Perl4 and Perl5. The buffer overflows in Perl4 were plugged in May by :Werner. 5.003+ holes are fixed in 5.004 and later. : :> 6) We went to inetd.conf and shut off all daemons except telnetd and :> rebooted and user still can get onto the machine invisibly. : :That shows that he has used a spare port to hook a root shell on. In these :case, "netstat -a" or "lsof -i:TCP" will give you all connections, :including those on which a program is LISTENing to. That way you'll catch :any process left on a port. : :-- :Ollivier ROBERT -=- FreeBSD: There are no limits -=- robe...@keltia.freenix.fr :FreeBSD keltia.freenix.fr 3.0-CURRENT #23: Sun Jul 20 18:10:34 CEST 1997 :