Bugtraq mailing list archives
Re: Globetrotter FlexLM 'lmdown' bogosity
From: kemasa () SILICON NET (Kemasa)
Date: Sun, 27 Sep 1998 11:33:32 -0700
From: Valdis.Kletnieks () VT EDU ...

Well, here's an oldie but goodie, which we first saw at least 3 years ago. Lo and behold, it's apparently STILL broken. Sorry, no vendor notification - we told them 3 years ago. ;)

FlexLM 'lmdown' command will chow your license server from anywhere on the Internet - all you need is a copy of the license file. The authentication appears to be "Well, you appear to be root on the machine that you typed 'lmdown' on".

Have you looked at the switch options for lmgrd? If you had, you would find that there is an option to limit the ability to take down the license daemons to a specific group, which basically stops what you are talking about. I think it is also possible to completely ignore an lmdown command, since it would be possible to try all possible group ids.

It is a bit of a problem that they set it up that way by default, and since you need not run it as root, you should change the owner to something else, change the options and clean up the way the log files work. You DO have the option of changing the functionality though, so you really can't blame them for your not looking at the man pages on the program.

Kemasa.
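An added example, not part of either post: a shell check that audits running lmgrd processes for the hardening the reply describes. The flag names are not given in the thread; `-2 -p` (restrict lmdown to the license administrator) and `-x lmdown` (ignore lmdown requests) are taken from the FlexLM lmgrd documentation, and the paths, users and PIDs in the sample are constructed.

```shell
#!/bin/sh
# Added example: flag lmgrd instances that run as root or accept lmdown
# from anyone. Input lines are in `ps -eo user,pid,args` form on stdin.
# Assumed flags (lmgrd documentation, not named in the thread):
#   -2 -p      lmdown/lmreread/lmremove only for the license administrator
#   -x lmdown  lmgrd ignores lmdown requests entirely

audit_lmgrd() {
    while read -r user pid cmd args; do
        # Only look at lmgrd, whatever directory it was started from.
        case "${cmd##*/}" in
            lmgrd) ;;
            *) continue ;;
        esac
        findings=""
        if [ "$user" = "root" ]; then
            findings="runs-as-root"
        fi
        restricted=no
        disabled=no
        prev=""
        for a in $args; do
            if [ "$a" = "-p" ]; then restricted=yes; fi
            if [ "$prev" = "-x" ] && [ "$a" = "lmdown" ]; then disabled=yes; fi
            prev=$a
        done
        if [ "$restricted" = no ] && [ "$disabled" = no ]; then
            findings="${findings:+$findings }lmdown-unrestricted"
        fi
        printf '%s %s %s\n' "$pid" "$user" "${findings:-ok}"
    done
}

# Constructed sample process list (not captured from a real host).
sample_ps() {
    cat <<'EOF'
root 101 /opt/flexlm/lmgrd -c /opt/flexlm/license.dat
flexlm 202 /opt/flexlm/lmgrd -c /opt/flexlm/license.dat -2 -p
flexlm 303 /opt/flexlm/lmgrd -c /opt/flexlm/license.dat -x lmdown
root 404 /usr/sbin/sshd -D
EOF
}

sample_ps | audit_lmgrd
```

On a live host, feed it `ps -eo user,pid,args` instead of the sample.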