Bugtraq mailing list archives

Re: simple kde exploit fix

From: aj () DUNGEON INKA DE (Andreas Jellinghaus)
Date: Mon, 18 May 1998 20:59:24 +0200


the kde packages done by debian were affected by the kde exploit this way:
they were not setuid root, but setgid shadow. so it could be possible to read
/etc/shadow, but not get root rights.

andreas

Current thread:

Re: easy DoS in most RPC apps, (continued)
- Re: easy DoS in most RPC apps Peter van Dijk (May 14)
- Re: easy DoS in most RPC apps David LeBlanc (May 17)
  - Re: easy DoS in most RPC apps Scott Stone (May 17)
    - Re: easy DoS in most RPC apps Bill Paul (May 17)
    - Re: easy DoS in most RPC apps Olaf Kirch (May 18)
    - simple kde exploit fix David Zhao (May 17)
    - Re: simple kde exploit fix Luca Berra (May 18)
    - NFS shell Leendert van Doorn (May 18)
    - Re: NFS shell Oliver Friedrichs (May 19)
    - Re: NFS shell Leendert van Doorn (May 19)
    - Re: simple kde exploit fix Andreas Jellinghaus (May 18)
    - DHCP 1.0 and 2.0 SECURITY ALERT! (fwd) Chris Evans (May 18)