Bugtraq mailing list archives

Re: kde exploit

From: aleph1 () nationwide net (Aleph One)
Date: Sun, 17 May 1998 01:09:47 -0500


  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.
  Send mail to mime () docserver cac washington edu for more info.

---490605465-493702262-895346977=:4318
Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
Content-ID: <Pine.SUN.3.94.980517010450.17320F () dfw dfw net>

On Sat, 16 May 1998, Catalin Mitrofan wrote:


        Remove the suids from all kde programs ... if you don`t believe
try this ;-)


Ack. Do not use this exploit without modifying it. The thing attempts to
run 'ssh pentagon.usa.gov -v' if the exploit succeeds, although that host
does not exist.  As always do not run or compile something before you have
inspected it.

Aleph One / aleph1 () dfw net
http://underground.org/
KeyID 1024/948FD6B5
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01

---490605465-493702262-895346977=:4318--

Current thread:

Re: Bay Networks Security Hole Berislav Todorovic (May 11)
- <Possible follow-ups>
- Re: Bay Networks Security Hole Kirby Dolak (May 14)
  - Re: Bay Networks Security Hole Gert Doering (May 14)
  - security holes, notification protocols, and a clarification Michael Tiemann (May 14)
    - pingflood.c AntireZ (Apr 09)
    - Re: pingflood.c Solar Designer (May 18)
    - Toshiba notebooks BIOS password backdoor Rop Gonggrijp (May 15)
    - Re: Toshiba notebooks BIOS password backdoor Aleph One (May 15)
    - May SysAdmin man.sh security hole Aleph One (May 16)
    - kde exploit Catalin Mitrofan (May 16)
    - Re: kde exploit Aleph One (May 16)
    - Re: security holes, notification protocols, and a clarification Elmer Joandi (May 15)
    - Re: security holes, notification protocols, and a clarification Nathan Neulinger (May 15)
- Re: Bay Networks Security Hole Berislav Todorovic (May 15)