Bugtraq mailing list archives
Re: rdist exploit [bsdi]
From: caseq () sharks kylmedia fi (Andrew Kosyakov)
Date: Sun, 14 Jul 1996 13:41:44 +0300
Hi! Quoting Andrew N. Edmond:
chflags noschg /usr/bin/rdist # must take off immutable flag! chmod 000 /usr/bin/rdist # wipe all functionality from this prog
Looking forward to a source patch, for sure!
I fixed it this way. At least it fixes the hole that is exploited in Brian Mitchell's script, but I'm unsure about others -- I'm getting paranoid, too:-) --- lookup.c.old Fri May 27 16:32:33 1994 +++ lookup.c Fri Jul 12 14:06:13 1996 @@ -126,11 +126,12 @@ register unsigned n; register char *cp; register struct syment *s; - char buf[256]; + char *buf=alloca(strlen(name)+50); if (debug) printf("lookup(%s, %d, %x)\n", name, action, value); + if (buf==NULL) fatal("ran out of memory"); n = 0; for (cp = name; *cp; ) n += *cp++; -- Sincerely yours /&rew *** Andrew V. Kosyakov, Chance Publishing House, System Administrator caseq () chance ru, 2:5030/31 () Fidonet Org, +7(812)210-8046 PGP key fingerprint: BA A8 48 20 E4 AE 9C 52 C5 5F C3 B8 1E 67 2C BF
Current thread:
- Re: rdist exploit [bsdi] The Terminator rAT (Jul 12)
- <Possible follow-ups>
- Re: rdist exploit [bsdi] Max Vision (Jul 13)
- Re: rdist exploit [bsdi] Andrew Kosyakov (Jul 14)
- Re: rdist exploit [bsdi] Chris Siebenmann (Jul 16)
- Re: rdist exploit [bsdi] Simon J. Gerraty (Jul 17)