[luau] FreeBSD Local Root exploit... it works ;)
cpaul at telemetrybox.org
cpaul at telemetrybox.org
Tue Apr 23 12:36:26 PDT 2002
Take a look at this comp.unix.admin posting:
http://groups.google.com/groups?q=checklist+security+setuid+-linux+group:alt.security&hl=en&scoring=r&selm=1991May14.101450.830%40convex.com&rnum=1
On Tue, Apr 23, 2002 at 09:25:00AM -1000, R. Scott Belford wrote:
> Hold on. This defies all that I understand about *bsd. (very easy to do
> since I know so little) You are telling me that there is a local root
> exploit, known of for 13 years, that you are able to take advantage of
> today? Does this mean that freebsd boxes are running with this hole now
> if no one patched them? I thought this distribution was know to be more
> responsive to security issues? Most interesting.
>
> scott
>
> On Tuesday, April 23, 2002, at 08:59 AM, cpaul at telemetrybox.org wrote:
>
> >Well, according to the Bugtraq list, this is an ancient bug that was
> >reported in 1989.
> >
> >On Tue, Apr 23, 2002 at 08:56:20AM -1000, R. Scott Belford wrote:
> >>I did not think *bsd distros had such holes. How long does it usually
> >>take the team to patch them?
> >>
> >>scott
> >>
> >_______________________________________________
> >LUAU mailing list
> >LUAU at videl.ics.hawaii.edu
> >http://videl.ics.hawaii.edu/mailman/listinfo/luau
> >
>
> _______________________________________________
> LUAU mailing list
> LUAU at videl.ics.hawaii.edu
> http://videl.ics.hawaii.edu/mailman/listinfo/luau
--
"The human brain is like an enormous fish - it is flat and slimy and has gills through which it can see." - Monty Python
GPG key: http://linefeed.org/~epsas/epsas.asc
fingerprint: 4819 FBE0 5BE3 83FE E788 1AA4 A91C 5FB0 E3FF 4F9D
More information about the LUAU
mailing list